From aedd46f66ed5462c0e0193faa977a6dfef4fd0de Mon Sep 17 00:00:00 2001 From: Michael Kerrisk Date: Sun, 4 Dec 2016 20:34:54 +0100 Subject: docs: various pages: Use consistent terminology (set-user-ID and set-group-ID) Use consistent terminology for set-user-ID and set-group-ID bits. There's much inconsistency in the pages. "suid", "set-user-identifier", "setuid". Stick with one terminology, "set-user-ID" and set-grout-ID, as suggested in man-pages(7). Signed-off-by: --- sys-utils/setpriv.1 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'sys-utils/setpriv.1') diff --git a/sys-utils/setpriv.1 b/sys-utils/setpriv.1 index 383efec37..23c147685 100644 --- a/sys-utils/setpriv.1 +++ b/sys-utils/setpriv.1 @@ -11,7 +11,8 @@ Sets or queries various Linux privilege settings that are inherited across .BR execve (2). .PP The difference between the commands setpriv and su (or runuser) is that setpriv does -not use open PAM session and does not ask for password. It's simple non-suid wrapper around +not use open PAM session and does not ask for password. +It's simple non-set-user-ID wrapper around .B execve system call. .SH OPTION @@ -59,7 +60,8 @@ Set the .I no_new_privs bit. With this bit set, .BR execve (2) -will not grant new privileges. For example, the setuid and setgid bits as well +will not grant new privileges. +For example, the set-user-ID and set-group-ID bits as well as file capabilities will be disabled. (Executing binaries with these bits set will still work, but they will not gain privileges. Certain LSMs, especially AppArmor, may result in failures to execute certain programs.) This bit is -- cgit v1.2.3-55-g7522