Ingo Schwarze <[email protected]> wrote: > Hi Brian, > > Brian Brombacher wrote on Mon, Sep 14, 2020 at 07:55:11AM -0400: > > > Love the idea; however, the only drawback is if some Bad Person > > is twiddling around and leaves a suid or dev around on a file system > > that is nosuid or nodev, you lose visibility. > > Doesn't look like a problem to me; that such bits and files are > ignored on file systems with these mount options is the whole point > of these options. So AFAICT, such files are not special in such > places and hence visibility is not really useful. > > > Maybe an option to always scan regardless of fs options? > > I dislike options unless there is a really strong need for them. > Why would you want to be notified about SUID files on a nosuid > file system? What would you want to do about them, and why?
I am happy enough with the diff, and also dislike having a flag. Can we get it commited and revisit the situation in 10 years?
