I'm a little confused:

    PRIV_FILE_DAC_WRITE
        Allow a process to write a file or directory whose permission
        bits or ACL do not allow the process write permission. All
        privileges are required to write files owned by UID 0 in the
        absence of an effective UID of 0.

The part starting "in the absence of..." seems to break the least privilege model as I understood it. In particular, I can escape my limit set trivially by creating a new user account via /etc/ files, and logging in through the network. It seems that such a process is equivalent to full privileges unless PRIV_PROC_FORK and/or PRIV_PROC_EXEC is also removed from the limit set.

Is this just a documentation thing, or have I got the wrong end of the stick?

thanks,
john