Comment by charcircuit
3 hours ago
When will these distros accept suid was a mistake and disable it. It has lead to critical local privilege escalation exploits so many times.
3 hours ago
When will these distros accept suid was a mistake and disable it. It has lead to critical local privilege escalation exploits so many times.
Probably never for package based distros. I could see it happening for image based distros, where systemd is slowly but surely providing all the building blocks for. It has had the option for `NoNewPrivileges=` in the `system.conf` since v239, so it isn't exactly difficult to disable for the entire system.
Though you'd be surprised how many binaries are suid binaries while they probably shouldn't be (passwd, mount, groupmems, ...), though alot can also work without being suid just more resticted in what they can do.
Around 20 years after suid is deprecated.