|
 |
0e1b67 |
From 8704fa57c3b93152df6c10fd6a35ebdd59e1a5b7 Mon Sep 17 00:00:00 2001
|
|
|
0e1b67 |
From: Peter Wu <peter@lekensteyn.nl>
|
|
|
0e1b67 |
Date: Fri, 1 Feb 2019 15:40:53 +0100
|
|
|
0e1b67 |
Subject: [PATCH 45/55] mount.8: clarify (no)suid behavior on file capabilities
|
|
|
0e1b67 |
|
|
|
0e1b67 |
Clarify that the nosuid option also affects file capabilities and that
|
|
|
0e1b67 |
it only limits execution of programs. (setgid on directories still
|
|
|
0e1b67 |
inherit the group regardless of the nosuid option.) The new text is
|
|
|
0e1b67 |
taken from the mount(2) manual page from the man-pages project.
|
|
|
0e1b67 |
|
|
|
0e1b67 |
Addresses: https://github.com/karelzak/util-linux/issues/482
|
|
|
0e1b67 |
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1855759
|
|
|
0e1b67 |
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
|
|
|
0e1b67 |
---
|
|
|
0e1b67 |
sys-utils/mount.8 | 8 ++++----
|
|
|
0e1b67 |
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
|
0e1b67 |
|
|
|
0e1b67 |
diff --git a/sys-utils/mount.8 b/sys-utils/mount.8
|
|
|
0e1b67 |
index 1cc792979..a4d7de2c0 100644
|
|
|
0e1b67 |
--- a/sys-utils/mount.8
|
|
|
0e1b67 |
+++ b/sys-utils/mount.8
|
|
|
0e1b67 |
@@ -1107,12 +1107,12 @@ or
|
|
|
0e1b67 |
Do not use the lazytime feature.
|
|
|
0e1b67 |
.TP
|
|
|
0e1b67 |
.B suid
|
|
|
0e1b67 |
-Allow set-user-ID or set-group-ID bits to take
|
|
|
0e1b67 |
-effect.
|
|
|
0e1b67 |
+Honor set-user-ID and set-group-ID bits or file capabilities when
|
|
|
0e1b67 |
+executing programs from this filesystem.
|
|
|
0e1b67 |
.TP
|
|
|
0e1b67 |
.B nosuid
|
|
|
0e1b67 |
-Do not allow set-user-ID or set-group-ID bits to take
|
|
|
0e1b67 |
-effect.
|
|
|
0e1b67 |
+Do not honor set-user-ID and set-group-ID bits or file capabilities when
|
|
|
0e1b67 |
+executing programs from this filesystem.
|
|
|
0e1b67 |
.TP
|
|
|
0e1b67 |
.B silent
|
|
|
0e1b67 |
Turn on the silent flag.
|
|
|
0e1b67 |
--
|
|
|
0e1b67 |
2.29.2
|
|
|
0e1b67 |
|