On 10/24/2011 02:13 PM, Corey Bryant wrote:
Right, it's not desirable, but isn't that the best we can do without libcap or FS capabilities?I think the best we can do is not let it run in those cases. :) I'd like see if others in the community have an opinion on this though.
IMHO, it should work as an setuid binary maintaining root privileges. As long as it's a small binary (which it is) and is easy to audit, it should be safe.
Regards, Anthony Liguori
