Trying to get rid of SUID/SGID executables from alpine-mini most likely
will intruduce more complexity. I concede that this may not be worth the
effort for the alpine-mini ISO as an install medium but as installation
options, like choosing between between dropbear and openssh for your
On Fri, 29 May 2015 11:42:31 -0500
William Pitcock <nenolod_at_dereferenced.org> wrote:
> As far as I know there's no SUID/SGID enabled packages in alpine-mini
> other than bbsuid which we install to proxy only the SUID-needing bits
> of busybox.
While most likely that is true there are programs that are symbolically
linked to /bin/bbsuid and don't strictly have to be.
# network tools
Could the need for /bin/bbsuid be possibly removed by using extended
The openwall project provides a shadow file mechanism that removes the
need for suid bit on passwd.
I've successfully compiled tcb on Alpine however I've not had the
chance to fully test it.
There are a variety of cron daemons out there and I believe one of them
provides a more fine grained controlled cron system. I think bcron may
Received on Fri May 29 2015 - 11:10:35 GMT