On Fri, 24 Jan 2003, der Mouse wrote:

> > The idea of making chroot usable by non-root has been floated, and
> > everone has taken the lack of honoring set-id as a given.
>
> It wasn't clear to me that was part of what you outlined.  I must have
> missed whatever caused everyone else to assume no set-id.

I don't think David mentioned it in his discussion. :-)

> > What else do we need?
>
> I'm not sure.  Perhaps nothing - but I'm not _nearly_ sure enough of
> that to bet my systems' security on it.

Ok, so we probably need a sysctl to enable/disable it too.

Take care,

Bill