Re: [PATCH] capabilities/syslog: open code cap_syslog logic to fixbuild failure
From: Serge Hallyn
Date: Thu Nov 18 2010 - 17:22:14 EST
Quoting Kees Cook (kees.cook@xxxxxxxxxxxxx):
> Hi Serge,
>
> On Thu, Nov 18, 2010 at 08:26:24AM -0600, Serge E. Hallyn wrote:
> > Quoting Eric Paris (eparis@xxxxxxxxxx):
> > > @@ -274,7 +274,20 @@ int do_syslog(int type, char __user *buf, int len, bool from_file)
> > > char c;
> > > int error = 0;
> > >
> > > - error = security_syslog(type, from_file);
> > > + /*
> > > + * If this is from /proc/kmsg we only do the capabilities checks
> > > + * at open time.
> > > + */
> > > + if (type == SYSLOG_ACTION_OPEN || !from_file) {
> > > + if (dmesg_restrict && !capable(CAP_SYS_ADMIN))
> >
> > Any chance we could introduce a new capability for this?
>
> Wasn't there talk of creating CAP_SYSLOG or something? Right now most
> sysklogd implementations are just starting life as root, so making this
> change now shouldn't break anyone.
Uh, huh. I guess the last it was discussed was in March,
http://thread.gmane.org/gmane.linux.kernel.lsm/10615 . I
think not enough people argued about it so it slipped my
mind :) We need someone to flame to drive continued discussion :)
-serge
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/