Re: capabilities PATCH

• Next message: Bastien Noscera (ETL): "RE: little PPC problem, but found hackish solutions"
• Previous message: Roeland Th. Jansen: "Re: TLB IPI wait/oops"
• Maybe in reply to: Michal Kosek: "capabilities PATCH"
• Next in thread: Matan Ziv-Av: "Re: capabilities PATCH"
• Reply: Matan Ziv-Av: "Re: capabilities PATCH"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Michal Kosek <michau@august.v-lo.krakow.pl>
> > > ftp://ftp.v-lo.krakow.pl/pub/linux/patches/
> > >
> > > WHAT'S GOING ON WITH setuid(2) AND setgid(2)?
> > > This patch modifies the behaviour of these syscalls. Normal setuid(2)
> > > drops all his priviledges if it was called by root, but doesn't if it
> > > was called by normal user. Yes, it's because of POSIX.
> > > But now let's see at zgv. It is written as if it was suid-root. So it
> > > calls ioperm and then calls setuid to drop all his root priviledges.
> > > But now, if we make zgv suid to 'svga' user. Our uid is other than 0,
> > > so setuid won't change 'saved uid' and thus user will be able to setuid
> > > to 'svga' user back! Let's suppose we didn't turn 'access only to graphics
> >
> > Bug in the app then, not the kernel. If POSIX saved uid's are likely to be
> > a pain, then it's the app's responsibility to use setreuid() instead of
> > setuid(). Likewise for setregid().
>
> No, it's not a bug in zgv. The creators of zgv thought it will always be
> suid-root. And if euid=0, setuid() changes all his *uids to non-0 value,
> so application drops all his privileges.
> But my patch makes it possible make zgv suid to other user than root (it
> makes system much securer). But then setuid doesn't drop all privileges
> (because euid is not 0). And thus it can be possible to get back to
> previous uid and gain privilege of access to hardware ports (which can be
> very dangerous). That's why I modified it...

No, it isn't a bug in zgv, but you are using it outside of the designed
constraints that zgv was programmed for. That calls for some changes in
the application, not changes to the kernel.

-------------------------------------------------------------------------
Jesse I Pollard, II
Email: pollard@navo.hpc.mil

Any opinions expressed are solely my own.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Bastien Noscera (ETL): "RE: little PPC problem, but found hackish solutions"
• Previous message: Roeland Th. Jansen: "Re: TLB IPI wait/oops"
• Maybe in reply to: Michal Kosek: "capabilities PATCH"
• Next in thread: Matan Ziv-Av: "Re: capabilities PATCH"
• Reply: Matan Ziv-Av: "Re: capabilities PATCH"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Jun 07 2000 - 21:00:28 EST