Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 517727 - Changes for lowering capabilities project
Changes for lowering capabilities project
Product: Fedora
Classification: Fedora
Component: dnsmasq (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Patrick Laughton
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2009-08-16 08:14 EDT by Steve Grubb
Modified: 2009-10-05 14:34 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-10-05 14:34:22 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Patch to drop capabilities (739 bytes, patch)
2009-08-16 08:14 EDT, Steve Grubb
no flags Details | Diff

  None (edit)
Description Steve Grubb 2009-08-16 08:14:41 EDT
Created attachment 357566 [details]
Patch to drop capabilities

Description of problem:
As part of the lowering capabilities project, we should drop all unnecessary
capabilities in all daemons. Dnsmasq is not clearing its bounding set. I will attach a patch that fixes this.
Comment 2 Itamar Reis Peixoto 2009-10-05 02:15:47 EDT
what are the status of this patch ?

sent to upstream ?
Comment 3 Steve Grubb 2009-10-05 09:17:37 EDT
Yes, this patch has been sent upstream. In discussion with upstream I think we decided that it may not be necessary. I was leaving the bug open to remind me to come back and look at the uid of dnsmasq. It had been showing up as root in my tools, but I fixed a bug in them and now its showing up as nobody. I really think dnsmasq should have a better account to run under than "nobody". I suppose this bug can be closed.

Note You need to log in before you can comment on or make changes to this bug.