Follow-up Comment #1, bug #65609 (group findutils):
This is a valid though somewhat niche requirement.
I think honestly the best way to implement it is to remove from the table of
actions in (from memory) pred.c any that you don't want, and build a modified
find binary.
That way you know for sure that an attacker can't find a way to confuse the
regular find binary into reversing the effect of a -s option, and mistakes in
the sudo configuration can't accidentally drop the -s.
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?65609>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
