Re: ~/.login_conf mechanism is flawed

看板FB_security作者時間15年前 (2010/08/13 19:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串12/13 (看更多)
jhell <jhell@dataix.net> writes: > On the note of using a ~/.login_conf file for setting limits and in this > case increasing them. when they shouldn't be. > > I have been using a ~/.login_conf without generating the > ~/.login_conf.db through the use of cap_mkdb(1) for quite some time. So > on that, is it really necessary to look for that .db file at all since > ~/.login_conf works without it... It won't make any difference. The problem is that setusercontext() applies the user's settings even if it's still running as root. I have a patch, but I need to check that it doesn't break anything. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 des. 的文章
文章代碼(AID): #1CPINlHS (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 12 之 13 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共13篇)
更多 des. 的文章
文章代碼(AID): #1CPINlHS (FB_security)