Re: [PATCH] x86: Lock down MSR writing in secure boot

From: H. Peter Anvin
Date: Wed Feb 13 2013 - 17:28:16 EST


On 02/13/2013 09:51 AM, Casey Schaufler wrote:

> You can't add a new capability where there is an existing capability
> that can be remotely argued to be appropriate.
>
> If you tried to "fix" CAP_SYS_RAWIO and/or CAP_SYS_ADMIN you'd end
> up with hundreds of capabilities.
>
> Your particular problem is *not* so important that you get a
> capability all to yourself.


{facepalm}

This is exactly the kind of thinking which has led to the capability system being so bloody useless.

Capabilities need to be associated with resources, not use cases.

-hpa


--
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel. I don't speak on their behalf.
