Skip to content
Snippets Groups Projects
Commit d581b812 authored by Stephen Smalley's avatar Stephen Smalley
Browse files

Remove fsetid from netd. 


fsetid checks are triggered by chmod on a directory or file owned by
a group other than one of the groups assigned to the current process
to see if the setgid bit should be cleared, regardless of whether the
setgid bit was even set.  We do not appear to truly need this
capability for netd to operate, so remove it.  Potential dontaudit
candidate.

Change-Id: I5ab4fbaaa056dcd1c7e60ec28632e7bc06f826bf
Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
parent 35102f58
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 10 additions and 1 deletion
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment