diff options
Diffstat (limited to 'doc/capability.notes')
| -rw-r--r-- | doc/capability.notes | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/capability.notes b/doc/capability.notes index b1e5245..4087c80 100644 --- a/doc/capability.notes +++ b/doc/capability.notes @@ -22,7 +22,7 @@ the name 'system' who's account is locked with a '*' password. This user can be made the owner of all of the system directories on your system and critical system binaries too. -Why is this a good idea? In a simple case, the CAP_FUSER capabilty is +Why is this a good idea? In a simple case, the CAP_FUSER capability is required for the superuser to delete files owned by a non-root user in a 'sticky-bit' protected non-root owned directory. Thus, the sticky bit can help you protect the /lib/ directory from an compromized |