On Wed, Oct 30, 2013 at 07:25:55PM +0000, Kevin Chadwick wrote: > Couldn't they just be ignored not to mention already having existing or > far more functional and robust *options* that work with any init system.
A cursory glance at the example above… > > PrivateTmp=yes > > InaccessibleDirectories=/home …would suggest that simply ignoring such things could be a major security concern. So, no. > and on another matter I personally much prefer a setcap (again or other > options like RBAC) shell line to > > CapabilityBoundingSet=CAP_SYS_TIME Presumably your preference is not purely down to syntax. What is it down to? > No it isn't and has been argued over not long ago, so as I have been > requested to and am now trying (even harder) it would be good if we > could keep the S/N ratio down. I'm afraid you're failing with sentences such as the above. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131030204323.ge12...@bryant.redmars.org