Re: caps in elf, next itteration (the hack get's bigger)

David L. Parsley (kparse@salem.k12.va.us)
Fri, 9 Apr 1999 19:49:08 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alexander Viro: "Re: [RFC] set_blocksize() oddity."
Previous message: Brandon S. Allbery KF8NH: "Re: caps in elf, next itteration (the hack get's bigger)"

On Fri, 9 Apr 1999, Jonathan Walther wrote:

> On Fri, 9 Apr 1999, David L. Parsley (lkml account) wrote:
> > rather than the exception. Scripts will have to wait for FS support, and
> > setuid scripts will break with all the standard tools + nfs. I did forget
>
> Eh? How do you figure?

With cap support directly in the FS, it won't work across NFS, or after a
cp, tar, cpio, what have you without modifying all these tools. It also
won't work on any other fs without cap support. (of course) This solution
has the nice property of working _now_, (well, pending code obviously) and
having great compatibility with current Linux code.

> > > Another thing: with capabilities set in the filesystem, you don't have to
> > > muck with the suid semantics. Don't mess with this! The meaning of
> > > suid is all settled, don't go yanking it out from under our feet!
> > The meaning of 'setuid 0' is outdated, this is a better way to use it.
>
> No! I want backwards compatibility and easy portability and POSIX compliance
> in my code. Im not going to break POSIX just for Linux sake. Linux is not
> the only Unix platform I code on! With capabilities done in the FS, we have
> no NEED to change the meaning of suid, so we SHOULDNT.

This is nicely backwards compatible, since under older kernels setuid 0
will merely raise _all_ caps, as opposed to operation under 2.2.X kernels
where it only raises _some_ caps, and can run as another user. Besides,
_you_ can just de-select the 'Caps in ELF headers hack' option in the
kernel config. Myself and others can use it to secure our systems...

_Please_ give this a little more thought, and give me _specific_ examples
of where this would cause breakage. I wouldn't be arguing for this if it
wasn't an extremely useful feature with a lot of really excellent
properties...

>
>
> Jonathan Walther *ifItAin'tBrokeDon'tFixIt*
> Digital Video Broadcasting Systems
> http://216.100.231.12 (requires netscape)
>

- --
David L. Parsley
Network Specialist
City of Salem Schools

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alexander Viro: "Re: [RFC] set_blocksize() oddity."
Previous message: Brandon S. Allbery KF8NH: "Re: caps in elf, next itteration (the hack get's bigger)"