Don Lewis wrote: > On 28 Mar, Eric Anderson wrote: > >>Don Lewis wrote: >> >> >>>Why not just mount these partitions nosuid? That will cause them to be >>>automagically be skipped by the setuid security scan, and will prevent >>>the setuid bit of any executables that happen to be backed up there from >>>being honored. >> >>Because then I cannot create suid files, which means I cannot back them up.. > > > Are you sure about that? > > % df . > Filesystem 1K-blocks Used Avail Capacity Mounted on > /dev/ad0s2f 11811982 6125698 4741326 56% /home > % mount | grep home > /dev/ad0s2f on /home (ufs, local, nosuid, soft-updates) > % touch foo > % ls -l foo > -rw-r--r-- 1 dl dl 0 Mar 28 13:45 foo > % chmod 4755 foo > ls -l foo > -rwsr-xr-x 1 dl dl 0 Mar 28 13:45 foo > % uname -sr > FreeBSD 6.0-CURRENT Nope - not sure at all! :) By reading the man page, one is led to think you cannot. Maybe the man page should be adjusted to clarify, as that could possibly get someone into trouble. Thanks for pointing this out. However, I *still* think it needs to be an option - what if one really needs those suid bits, but doesn't want the machine bogged down for several days doing a find? Eric -- ------------------------------------------------------------------------ Eric Anderson Sr. Systems Administrator Centaur Technology I have seen the future and it is just like the present, only longer. ------------------------------------------------------------------------Received on Mon Mar 28 2005 - 19:54:22 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:30 UTC