Hi!
>> Granted the setuid bit disables the elfcap, unless run as root....
>
>The "unless run as root" part need not be true. There are many ways
>to deal with that:
>
>a. the check is NOT for UID alone; the setuid bit MUST be set
>b. panic the kernel if a buggy UID 0 process tries this trick
>c. anything else, since no process should have UID 0
>
>As I recall, method "a" is actually implemented.
I do not think so., but I don't have sources handy... [writting in tramway on machine with 12MB disk]
Pavel
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Jun 23 2000 - 21:00:16 EST