Bug#767087: beep: Linux Capabilities should be used instead of SUID root bit

On 28/10/2014 17:14, Florian Weimer wrote: > * Alessandro Selli: > >> Florian Weimer wrote: >>> * Alessandro Selli: >>> CAP_DAC_OVERRIDE is root-equivalent only as far as the DAC is concerned. >>> This is incorrect. >> >> Is capabilities(7) man page incorrect? > >> What else does this

Bug#767087: beep: Linux Capabilities should be used instead of SUID root bit

Florian Weimer wrote: * Alessandro Selli: Florian Weimer wrote: * Alessandro Selli: CAP_DAC_OVERRIDE is root-equivalent only as far as the DAC is concerned. This is incorrect. Is capabilities(7) man page incorrect? What else does this capability allow a process to do? As I tried to

Bug#767087: beep: Linux Capabilities should be used instead of SUID root bit

* Alessandro Selli: > Florian Weimer wrote: >> * Alessandro Selli: >> >>> CAP_DAC_OVERRIDE is root-equivalent only as far as the DAC is >>> concerned. >> This is incorrect. > > Is capabilities(7) man page incorrect? > What else does this capability allow a process to do? As I tried to explai

Bug#767087: beep: Linux Capabilities should be used instead of SUID root bit

Florian Weimer wrote: * Alessandro Selli: CAP_DAC_OVERRIDE is root-equivalent only as far as the DAC is concerned. This is incorrect. Is capabilities(7) man page incorrect? CAP_DAC_OVERRIDE Bypass file read, write, and execute permission checks. (DAC is

Bug#767087: beep: Linux Capabilities should be used instead of SUID root bit

Florian Weimer wrote: * Alessandro Selli: Beep is installed SUID root in Debian Wheezy. This is unnecessary. In order to overcome tty ioctl issue, expecially when running in an Xterm, these capabilities should instead be set to the /usr/bin/beep executable: CAP_DAC_OVERRIDE,CAP_SYS_TTY_CONFIG=e

Bug#767087: beep: Linux Capabilities should be used instead of SUID root bit

* Alessandro Selli: > CAP_DAC_OVERRIDE is root-equivalent only as far as the DAC is > concerned. This is incorrect. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#767087: beep: Linux Capabilities should be used instead of SUID root bit

* Alessandro Selli: > Beep is installed SUID root in Debian Wheezy. This is > unnecessary. In order to overcome tty ioctl issue, expecially when > running in an Xterm, these capabilities should instead be set to the > /usr/bin/beep executable: > CAP_DAC_OVERRIDE,CAP_SYS_TTY_CONFIG=ep CAP_DAC_OVE

Bug#767087: beep: Linux Capabilities should be used instead of SUID root bit

Package: beep Version: 1.3-3+b1 Severity: normal Tags: security -- System Information: Debian Release: 7.7 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14.22.luminol0 (SMP w/2 CPU cores) Locale: LANG=it_IT.UTF-8, LC_