Date: Mon, 4 Jun 2001 20:08:28 -0400 From: Kevin Way <kevin.way@overtone.org> To: Wilko Bulte <wkb@freebie.demon.nl> Cc: hackers@FreeBSD.ORG Subject: Re: speeding up /etc/security Message-ID: <20010604200828.A41130@bean.overtone.org> In-Reply-To: <20010604211909.B1112@freebie.demon.nl>; from wkb@freebie.demon.nl on Mon, Jun 04, 2001 at 09:19:09PM %2B0200 References: <p05100300b741879b7bc3@[192.168.168.205]> <Pine.LNX.4.21.0106041205070.3177-100000@zeppo.feral.com> <20010604211909.B1112@freebie.demon.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
--vkogqOf2sHV7VnPd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable > Does /etc/security take filesystem mounted with: >=20 > nosuid Do not allow set-user-identifier or set-group-identifier > bits to take effect. Note: this option is worthless if a > public available suid or sgid wrapper like suidperl(1) > is installed on your system. >=20 > into account? If so, and the filesystems have nothing on them that > needs suid you could mount 'm this way The answer there is 'sort of'. /etc/security checks all ufs partitions that aren't marked nosuid. if you're using anything other than UFS (e.g. MFS,ext2,whatever), it's not getting checked at all. Kevin Way --vkogqOf2sHV7VnPd Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7HCL8KxA01iDoLN4RAp9iAKC8iY8ntiS/MNS71qEFLPim0KLTyACdG/wO GexMs5Y/r4IxSYaAy4RN2p0= =gKsn -----END PGP SIGNATURE----- --vkogqOf2sHV7VnPd-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010604200828.A41130>