558612 – Tracker for improvements based on restricted capabilities

Bug 558612 - Tracker for improvements based on restricted capabilities

Summary: Tracker for improvements based on restricted capabilities

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	distribution
Sub Component:
Version:	13
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Miloslav Trmač
QA Contact:	Bill Nottingham
Docs Contact:
URL:
Whiteboard:
Depends On:	558614
Blocks:
TreeView+	depends on / blocked

Reported:	2010-01-25 20:00 UTC by Miloslav Trmač
Modified:	2014-03-17 03:21 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-07-02 13:13:48 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Miloslav Trmač 2010-01-25 20:00:01 UTC

This page tracks possible improvements to Fedora's security based on restricted POSIX capabilities.

See https://fedoraproject.org/wiki/Features/LowerProcessCapabilities , https://fedoraproject.org/wiki/Features/ProtectingBinariesUsingCapabilities for rationale.

Comment 1 Bug Zapper 2010-03-15 14:13:19 UTC

This bug appears to have been reported against 'rawhide' during the Fedora 13 development cycle.
Changing version to '13'.

More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping

Comment 2 Miloslav Trmač 2010-07-02 13:13:48 UTC

I don't plan to implement these changes any more - in particular because the file owner can change the permissions without CAP_DAC_OVERRIDE.

Note You need to log in before you can comment on or make changes to this bug.