[RndTbl] Linux capabilities vs setuid-root

Trevor Cordes trevor at tecnopolis.ca
Tue Sep 15 20:23:07 CDT 2015

On 2015-09-09 Gilbert E. Detillieux wrote:
> I mentioned Linux capabilities (setcap/getcap commands) briefly
> during last night's round-table session, and Trevor mentioned that he
> thought that recent Fedora releases had eliminated the use of
> setuid-root binaries in favour of capabilities-based binaries.
> (That's the stated goal, in any case.)

Ya, I thought it over and checked my system and it turns out I was
thinking about suid scripts; perl in particular.  An update or two ago
they got rid of suid perl completely, as in made it impossible, and I
had to scramble to get some things to work by using sudoers (not
capabilities).  I guess caps are the next Big Thing.  I'll wait until
they disable sudoers... (yes Adam, *BSD, grumble grumble.)

More information about the Roundtable mailing list