Re: [PATCH] Completely honor prctl(PR_SET_KEEPCAPS, 1)

From: Dax Kelson (dax@gurulabs.com)
Date: Wed May 08 2002 - 16:29:24 EST


On Wed, 8 May 2002, chris@scary.beasts.org wrote:

> Are you sure about the current behaviour? Taking vsftpd as an example, it
> does
>
> 1 prctl()
> 2 setuid()
> 3 setgid()
> 4 cap_set_proc()
>
> i.e. it only fiddles with capabilities after dropping euid == 0. Of
> course, someone is welcome to fiddle with capabilities while euid == 0.

Sure, this can be done before and after the proposed patch; the end results
are the same. The difference would be what the effective caps are at step
3.5.

The point is when doing PR_SET_KEEPCAPS, one would expect not to have my
caps fiddled with at all.

Dax
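
The following is an added example, not part of the original thread and not vsftpd or kernel code: it runs the quoted steps 1-3 in a child process and reads the capability sets at "step 3.5", where current Linux kernels (see capabilities(7)) keep the permitted set under PR_SET_KEEPCAPS but clear the effective set. Assumptions: uid/gid 65534 is an unprivileged id, the caller is root, and setgid() is placed before setuid() because changing the gid needs CAP_SETGID in the effective set.

```c
#define _GNU_SOURCE
#include <linux/capability.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#define UNPRIV_ID 65534 /* assumed unprivileged uid/gid, constructed for this example */
struct caps { unsigned long long permitted, effective; };

/* Read the calling process's capability sets with the raw capget(2) syscall. */
static int read_caps(struct caps *c)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2] = { { 0 } };
    if (syscall(SYS_capget, &hdr, d) != 0)
        return -1;
    c->permitted = ((unsigned long long)d[1].permitted << 32) | d[0].permitted;
    c->effective = ((unsigned long long)d[1].effective << 32) | d[0].effective;
    return 0;
}

/* Run prctl/setgid/setuid in a child and report the caps before and at "step 3.5".
 * Returns 0 on success, -1 if the caller is not root or any step failed. */
int keepcaps_step_3_5(struct caps *before, struct caps *after)
{
    int fd[2];
    struct caps buf[2];
    if (geteuid() != 0 || pipe(fd) != 0)
        return -1;
    pid_t pid = fork();
    if (pid == 0) {
        int ok = read_caps(&buf[0]) == 0
              && prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == 0   /* step 1 */
              && setgid(UNPRIV_ID) == 0                    /* gid first, see lead-in */
              && setuid(UNPRIV_ID) == 0                    /* euid 0 -> nonzero */
              && read_caps(&buf[1]) == 0                   /* "step 3.5" */
              && write(fd[1], buf, sizeof buf) == (ssize_t)sizeof buf;
        _exit(ok ? 0 : 1);
    }
    close(fd[1]);
    ssize_t n = pid > 0 ? read(fd[0], buf, sizeof buf) : -1;
    close(fd[0]);
    if (pid > 0) waitpid(pid, NULL, 0);
    if (n != (ssize_t)sizeof buf) return -1;
    *before = buf[0]; *after = buf[1];
    return 0;
}
int main(void)
{
    struct caps b, a;
    if (keepcaps_step_3_5(&b, &a) != 0) { puts("needs root and a usable uid 65534"); return 1; }
    printf("before:   permitted=%#llx effective=%#llx\n", b.permitted, b.effective);
    printf("step 3.5: permitted=%#llx effective=%#llx\n", a.permitted, a.effective);
    return 0;
}
```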




This archive was generated by hypermail 2b29 : Tue May 14 2002 - 12:00:10 EST