Re: Secure-linux and standard kernel

Chris Evans (chris@ferret.lmh.ox.ac.uk)
Thu, 25 Jun 1998 01:16:35 +0100 (BST)


On Thu, 25 Jun 1998, MOLNAR Ingo wrote:

> if 'ping' is setuid root and the first thing say ping.c does is:
>
> drop_cap(ALL_BUT_RAWSOCKET);

Yes, this is good, isn't it? Note that traceroute's a better example; ping
for linux already does:

main()
fd = socket(SOCK_RAW ...)
setuid(getuid());

rlogin, rsh, dump, restore, even lpr, lprm, lpq, etc. all benefit in a
similar way with

drop_cap(ALL_BUT_BIND_TO_LOW_PORT);

Chris
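
The drop_cap(ALL_BUT_...) idea discussed in this thread, sketched with the Linux capget/capset system calls; this is an added example, not code from the original post or from the kernel. drop_caps_except() and cap_is_effective() are hypothetical helper names, and the CAP_* constants come from <linux/capability.h>.

```c
#define _GNU_SOURCE
#include <linux/capability.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Hypothetical stand-in for the thread's drop_cap(ALL_BUT_x): shrink the
 * permitted and effective sets to `keep` (bit n = capability n) and clear
 * the inheritable set. Reducing capabilities needs no privilege. */
static int drop_caps_except(uint64_t keep)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2];   /* two 32-bit words = 64 caps */

    if (syscall(SYS_capget, &hdr, d) != 0)
        return -1;
    for (int i = 0; i < 2; i++) {
        uint32_t mask = (uint32_t)(keep >> (32 * i));
        d[i].permitted &= mask;           /* can only shrink, never grow */
        d[i].effective &= mask;
        d[i].inheritable = 0;
    }
    return (int)syscall(SYS_capset, &hdr, d);
}

/* Returns 1 if `cap` is in the effective set, 0 if not, -1 on error. */
static int cap_is_effective(int cap)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2];

    if (syscall(SYS_capget, &hdr, d) != 0)
        return -1;
    return (int)((d[cap / 32].effective >> (cap % 32)) & 1);
}

int main(void)
{
    /* First thing in main(), as for rlogin/rsh/lpr in the message above:
     * the analogue of drop_cap(ALL_BUT_BIND_TO_LOW_PORT). */
    if (drop_caps_except(1ULL << CAP_NET_BIND_SERVICE) != 0) {
        perror("capset");
        return 1;
    }
    printf("bind_service=%d net_raw=%d sys_admin=%d\n",
           cap_is_effective(CAP_NET_BIND_SERVICE),
           cap_is_effective(CAP_NET_RAW),
           cap_is_effective(CAP_SYS_ADMIN));
    return 0;
}
```

Run unprivileged, every value prints 0 because there is nothing to keep; run as root, only bind_service stays 1. A capability removed from the permitted set cannot be put back by the process short of an execve.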
