Re: suid bit on directories

Bill Davidsen (davidsen@tmr.com)
Tue, 21 May 2002 14:03:17 -0400 (EDT)


On Mon, 20 May 2002, Michael Hoennig wrote:

> Anyway, when I find time in the next weeks, I will try this patch and post
> it. I will do it as a mount option. Nobody is forced to use it ;-)

If I might offer a suggestion, that requires a patched mount command, etc.
I would offer as an alternative implementation which might be both easier
to do and more useful in testing. Make the capability an option in the
kernel, and then require that it be enabled in /proc/sys with default off.
Think TCP_SYN_COOKIES or similar. That way you can have a single patch set
for the kernel only, and no one can possibly "stumble on it" and complain.
Also, you can disable without reboot or remount after testing.

-- 
bill davidsen <davidsen@tmr.com>
  CTO, TMR Associates, Inc
Doing interesting things with little computers since 1979.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/