suggestion: msgctl(IPC_RMID) req CAP_IPC_OWNER instead of CAP_SYS_ADMIN

From: starlight
Date: Sat Jan 02 2010 - 01:17:12 EST


Hello,

We have a service daemon that must on occasion clean up orphaned
SVR4/POSIX message queues left over by dead client processes.

The service daemon runs with least privileges, and it receives a
small set of capabilities that its job demands.

However, I was surprised to see that CAP_SYS_ADMIN is needed when
using IPC_RMID to remove message queues owned by other user
IDs. This is a powerful and dangerous privilege and I dislike
assigning it to the daemon. Seems to me that CAP_IPC_OWNER is a
better fit for this function.

This is just a suggestion. Please respond with my e-mail CCed
as I am not a list subscriber.

Regards

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
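As an added illustration of the permission check the mail describes (this is constructed example code, not part of starlight's message or of the kernel sources), the C program below creates a queue, confirms via IPC_STAT that the caller owns it, removes it with IPC_RMID, and classifies the errno of a failed removal. EPERM is the case the mail is about: the caller is neither the owner nor the creator and holds no CAP_SYS_ADMIN, and CAP_IPC_OWNER alone does not satisfy the RMID check. Passing a queue id on the command line lets a daemon operator see which outcome a given queue produces for the running uid and capability set; the function and enum names are the example's own.

```c
/* Added example: probe how msgctl(IPC_RMID) behaves for the calling process.
 * Constructed for illustration; not code from the original mail. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/ipc.h>
#include <sys/msg.h>

enum rmid_result { RMID_OK = 0, RMID_GONE = 1, RMID_DENIED = 2, RMID_OTHER = 3 };

/* Attempt to remove a queue and classify the outcome.
 * EPERM is the situation described in the mail: the caller's euid is neither
 * msg_perm.uid nor msg_perm.cuid and CAP_SYS_ADMIN is absent. CAP_IPC_OWNER
 * bypasses read/write permission checks but does not cover IPC_RMID. */
enum rmid_result remove_queue(int msqid)
{
    if (msgctl(msqid, IPC_RMID, NULL) == 0)
        return RMID_OK;
    switch (errno) {
    case EINVAL:
    case EIDRM:
        return RMID_GONE;    /* already removed, or the id never existed */
    case EPERM:
        return RMID_DENIED;  /* ownership/capability check failed */
    default:
        return RMID_OTHER;
    }
}

/* Report whether the calling euid owns or created the queue, i.e. whether
 * IPC_RMID will succeed without any capability at all.
 * Returns 1 (owner/creator), 0 (someone else's queue) or -1 if IPC_STAT fails. */
int caller_owns_queue(int msqid)
{
    struct msqid_ds ds;
    if (msgctl(msqid, IPC_STAT, &ds) == -1)
        return -1;
    uid_t me = geteuid();
    return (ds.msg_perm.uid == me || ds.msg_perm.cuid == me) ? 1 : 0;
}

/* Full sequence on a private queue we create ourselves: create, confirm
 * ownership, remove, then confirm that a second IPC_RMID reports it gone.
 * Returns 0 when every step behaves as expected, else the number of the
 * step that deviated. */
int run_demo(void)
{
    int id = msgget(IPC_PRIVATE, IPC_CREAT | 0600);
    if (id == -1) {
        perror("msgget");
        return 1;
    }
    if (caller_owns_queue(id) != 1) {
        msgctl(id, IPC_RMID, NULL);   /* do not leak the queue on failure */
        return 2;
    }
    if (remove_queue(id) != RMID_OK)
        return 3;
    if (remove_queue(id) != RMID_GONE)
        return 4;
    return 0;
}

int main(int argc, char **argv)
{
    static const char *names[] = { "removed", "already gone",
                                   "EPERM (not owner; CAP_SYS_ADMIN required)",
                                   "other error" };
    if (argc > 1) {
        /* Operator mode: report what RMID does for an existing queue id. */
        int id = atoi(argv[1]);
        int owns = caller_owns_queue(id);
        printf("queue %d: owner/creator check = %d\n", id, owns);
        enum rmid_result r = remove_queue(id);
        printf("IPC_RMID on %d: %s\n", id, names[r]);
        return r == RMID_OK ? 0 : 1;
    }
    int rc = run_demo();
    printf("self-test on a private queue: %s (rc=%d)\n", rc == 0 ? "ok" : "failed", rc);
    return rc;
}
```

Run without arguments it exercises only a queue it created, so it needs no privilege; `ipcs -q` beforehand shows the owner and creator columns that the IPC_STAT check reads.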