Re: Capabilities across execve
From: Chris Wright
Date: Sat Mar 12 2005 - 22:22:36 EST
* Alexander Nyberg (alexn@xxxxxxxxx) wrote:
> This makes it possible for a root-task to pass capabilities to
> nonroot-task across execve. The root-task needs to change it's
> cap_inheritable mask and set prctl(PR_SET_KEEPCAPS, 1) to pass on
This overloads keepcaps, which could surprise to existing users.
> At execve time the capabilities will be passed on to the new
> nonroot-task and any non-inheritable effective and permitted
> capabilities will be masked out.
> The effective capability of the new nonroot-task will be set to the
> maximum permitted.
What happens to eff on setuid() to non-root or restore to uid 0?
What happens if you exec a setuid-root binary, or a setuid-nonroot binary?
How about ptrace?
Here's the tests I use.
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
Description: GNU Unix tar archive