Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Security considerations for the automount policy z/OS UNIX System Services Planning GA32-0884-00 |
|
In the MapName file, the setuid keyword specifies whether to support or ignore the setuid or setgid mode bits on executable files loaded from the file system. The default is yes. For security reasons, consider specifying "setuid no" . If
you do, then the setuid and setgid flags in the permission bits are
ignored, as well as the program control extended attribute (+p) and
the APF-authorized extended attribute (+a). Consider the following:
|
Copyright IBM Corporation 1990, 2014
|