diff options
author | Michael Kerrisk | 2016-12-04 20:34:54 +0100 |
---|---|---|
committer | Karel Zak | 2016-12-09 13:45:09 +0100 |
commit | aedd46f66ed5462c0e0193faa977a6dfef4fd0de (patch) | |
tree | aa41e8c4ced3ee9cb1321eb00f0060c110ac78c1 /sys-utils/setpriv.1 | |
parent | docs: various pages: Format pathnames as italic (.I) (diff) | |
download | kernel-qcow2-util-linux-aedd46f66ed5462c0e0193faa977a6dfef4fd0de.tar.gz kernel-qcow2-util-linux-aedd46f66ed5462c0e0193faa977a6dfef4fd0de.tar.xz kernel-qcow2-util-linux-aedd46f66ed5462c0e0193faa977a6dfef4fd0de.zip |
docs: various pages: Use consistent terminology (set-user-ID and set-group-ID)
Use consistent terminology for set-user-ID and set-group-ID bits.
There's much inconsistency in the pages. "suid",
"set-user-identifier", "setuid". Stick with one terminology,
"set-user-ID" and set-grout-ID, as suggested in man-pages(7).
Signed-off-by: <mtk.man-pages@gmail.com>
Diffstat (limited to 'sys-utils/setpriv.1')
-rw-r--r-- | sys-utils/setpriv.1 | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/sys-utils/setpriv.1 b/sys-utils/setpriv.1 index 383efec37..23c147685 100644 --- a/sys-utils/setpriv.1 +++ b/sys-utils/setpriv.1 @@ -11,7 +11,8 @@ Sets or queries various Linux privilege settings that are inherited across .BR execve (2). .PP The difference between the commands setpriv and su (or runuser) is that setpriv does -not use open PAM session and does not ask for password. It's simple non-suid wrapper around +not use open PAM session and does not ask for password. +It's simple non-set-user-ID wrapper around .B execve system call. .SH OPTION @@ -59,7 +60,8 @@ Set the .I no_new_privs bit. With this bit set, .BR execve (2) -will not grant new privileges. For example, the setuid and setgid bits as well +will not grant new privileges. +For example, the set-user-ID and set-group-ID bits as well as file capabilities will be disabled. (Executing binaries with these bits set will still work, but they will not gain privileges. Certain LSMs, especially AppArmor, may result in failures to execute certain programs.) This bit is |