Re: PATCH: cdrecord: avoiding scsi device numbering for ide devices

From: Andreas Steinmetz
Date: Fri Aug 20 2004 - 18:32:14 EST


Kyle Moffett wrote:
> Chosen solution for 2.6.8.1:
> Only allow certain known-safe commands, anything else needs
> root privileges, specifically CAP_SYS_RAWIO or CAP_SYS_ADMIN,
> (Seems sane, and follows with the general design of the rest of the
> kernel).

To make this clear first: I don't want to step on anyone's toes.

So here is a snippet of code that should work nicely on 2.4 and 2.6 (the latter with the sanitized kernel headers) to set the required capabilities in a setuid() wrapper:

#include <unistd.h>
#include <string.h>             /* memset() */
#include <sys/types.h>
#include <linux/capability.h>
#include <sys/prctl.h>
/* glibc exports capset() but ships no header that declares it */
extern int capset(cap_user_header_t header, const cap_user_data_t data);

int do_setuid(uid_t uid)
{
    int r;
    struct __user_cap_header_struct h;
    struct __user_cap_data_struct c;

    /* not root: a plain setuid() is all that is possible or needed */
    if(geteuid())return setuid(uid);

    /* shrink to the caps the job needs, plus CAP_SETUID for the switch */
    memset(&h,0,sizeof(h));
    h.version=_LINUX_CAPABILITY_VERSION;
    h.pid=0;
    memset(&c,0,sizeof(c));
    c.effective=1<<CAP_SYS_RAWIO|1<<CAP_SYS_ADMIN|1<<CAP_SETUID;
    c.permitted=1<<CAP_SYS_RAWIO|1<<CAP_SYS_ADMIN|1<<CAP_SETUID;
    c.inheritable=0;
    capset(&h,&c);

    /* keep the permitted set across the uid change instead of losing it */
    prctl(PR_SET_KEEPCAPS,1,0,0,0);
    r=setuid(uid);

    /* now unprivileged: drop CAP_SETUID, keep only the raw I/O caps */
    memset(&h,0,sizeof(h));
    h.version=_LINUX_CAPABILITY_VERSION;
    h.pid=0;
    memset(&c,0,sizeof(c));
    c.effective=1<<CAP_SYS_RAWIO|1<<CAP_SYS_ADMIN;
    c.permitted=1<<CAP_SYS_RAWIO|1<<CAP_SYS_ADMIN;
    c.inheritable=0;
    capset(&h,&c);
    prctl(PR_SET_KEEPCAPS,0,0,0,0);
    return r;
}

Now this is what free software is all about. Reuse of knowledge for everyone. Jörg, feel free to use the above code. Note that the CAP_SETUID usage is a workaround for a 2.4 bug.
--
Andreas Steinmetz SPAMmers use robotrap@xxxxxxxx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
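Added example, not part of Andreas Steinmetz's mail or of cdrecord: a post-condition check that a wrapper built on the do_setuid() pattern above can run right after the uid switch, to confirm that the live capability sets contain nothing beyond CAP_SYS_RAWIO and CAP_SYS_ADMIN (in particular that CAP_SETUID, which the snippet holds only for the 2.4 workaround, is gone). It reads the calling process's sets with capget() through the same v1 header the snippet uses, and compares them against the expected masks; the function names (cap_bit, expected_final_mask, excess_caps, read_current_caps, caps_within_policy) are this example's own, and capget() is declared extern here for the same reason the snippet declares capset().

```c
/* Added example: audit the capability sets a bounded setuid wrapper leaves behind. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <linux/capability.h>

/* glibc exports capget() without a prototype, like capset() in the snippet */
extern int capget(cap_user_header_t header, cap_user_data_t data);

/* Single-bit mask for a capability; v1 data words cover caps 0..31 only,
 * which is enough for the three caps the wrapper deals with. */
unsigned int cap_bit(int cap)
{
    return 1u << cap;
}

/* Mask held during the uid switch: CAP_SETUID is the 2.4 workaround. */
unsigned int expected_transition_mask(void)
{
    return cap_bit(CAP_SYS_RAWIO) | cap_bit(CAP_SYS_ADMIN) | cap_bit(CAP_SETUID);
}

/* Mask the wrapper should be left with once the switch is done. */
unsigned int expected_final_mask(void)
{
    return cap_bit(CAP_SYS_RAWIO) | cap_bit(CAP_SYS_ADMIN);
}

/* Bits in `held` that `allowed` does not permit; nonzero means the
 * process kept more privilege than the policy intends. */
unsigned int excess_caps(unsigned int held, unsigned int allowed)
{
    return held & ~allowed;
}

/* Read the calling process's effective and permitted sets (v1 header,
 * pid 0 = self). Returns 0 on success, -1 if capget() fails. */
int read_current_caps(unsigned int *effective, unsigned int *permitted)
{
    struct __user_cap_header_struct h;
    struct __user_cap_data_struct d;

    memset(&h, 0, sizeof(h));
    memset(&d, 0, sizeof(d));
    h.version = _LINUX_CAPABILITY_VERSION_1;
    h.pid = 0;
    if (capget(&h, &d) != 0)
        return -1;
    *effective = d.effective;
    *permitted = d.permitted;
    return 0;
}

/* The check a wrapper would make after do_setuid(): 1 if both live sets
 * stay within expected_final_mask(), 0 if something extra survived
 * (e.g. CAP_SETUID), -1 if the sets could not be read. */
int caps_within_policy(void)
{
    unsigned int e, p;

    if (read_current_caps(&e, &p) != 0)
        return -1;
    return excess_caps(e, expected_final_mask()) == 0 &&
           excess_caps(p, expected_final_mask()) == 0;
}

int main(void)
{
    unsigned int e, p;

    if (read_current_caps(&e, &p) != 0) {
        perror("capget");
        return 1;
    }
    printf("effective=%#x permitted=%#x excess=%#x\n",
           e, p, excess_caps(e, expected_final_mask()));
    return caps_within_policy() == 1 ? 0 : 1;
}
```

Run as an ordinary user the live sets are empty and the check passes; run as root with a full capability set it fails, which is the point: the wrapper should call this (or the equivalent inline test) after do_setuid() and refuse to continue if anything outside the two raw I/O caps is still held. Note that the snippet never checks the return value of capset(), so a failed first capset() followed by PR_SET_KEEPCAPS would leave the full root set in place; this check catches exactly that case.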