Re: ~/.login_conf mechanism is flawed
- From: Dag-Erling Smørgrav <des@xxxxxx>
- Date: Fri, 13 Aug 2010 12:35:17 +0200
jhell <jhell@xxxxxxxxxx> writes:
On the note of using a ~/.login_conf file for setting limits and in this
case increasing them. when they shouldn't be.
I have been using a ~/.login_conf without generating the
~/.login_conf.db through the use of cap_mkdb(1) for quite some time. So
on that, is it really necessary to look for that .db file at all since
~/.login_conf works without it...
It won't make any difference. The problem is that setusercontext()
applies the user's settings even if it's still running as root. I have
a patch, but I need to check that it doesn't break anything.
Dag-Erling Smørgrav - des@xxxxxx
freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Prev by Date: Re: Capsicum: practical capabilities for UNIX (fwd)
- Next by Date: Re: ~/.login_conf mechanism is flawed
- Previous by thread: Re: ~/.login_conf mechanism is flawed
- Next by thread: Re: ~/.login_conf mechanism is flawed