Linda Walsh writes:
> "Albert D. Cahalan" wrote:
>> So you only need one system call for this. No CAP_* bit required.
>>
>> int sysluid(int arg){
>> int old = current->luid;
>> if(old) return old;
>> current->luid = arg;
>> return arg;
>> }
>>
>> If login fails to set LUID then, yes, normal users can mess with it.
>> This is OK because your system wasn't using it anyway.
> ---
> I like it, unfortunately it won't do everything I need.
> 1) init should start up with LUID==-1 (it's not a valid login ID).
> 2) Account 0 should be audited when root logs in.
> In the above implementation you are relying on root having privileged
> status. In a capability based system 'root' is just another user to
> be monitored and may have no privilege.
These are minor details.
1) Using -1 in place of 0 would work fine.
2) 'root' need not be monitored (just disable the account)
int sysluid(int arg){
int old = current->luid;
if(old+1) return old;
/* LUID is -1, so it can be modified */
current->luid = arg;
return arg;
}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Apr 15 2000 - 21:00:26 EST