Re: caps in elf, next iteration (the hack gets bigger)

Richard Gooch (rgooch@atnf.csiro.au)
Wed, 14 Apr 1999 00:02:40 +1000


Horst von Brand writes:
> Richard Gooch <rgooch@atnf.csiro.au>
>
> [...]
>
> > If you really want to completely remove UID=0 tests from the kernel,
> > then we have to put caps into the FS as metadata, because using the
> > sticky bit on ordinary user files is too insecure. At the moment the
> > debate is about ELF cap headers and whether to use suid-root or the
> > sticky bit as the magic flag. In that debate, I think suid-root wins
> > by default.
>
> Bingo!

OK, so it seems we agree that the suid-root approach is better than
the sticky bit approach.

Putting caps into FS metadata has its own problems: breaking large
numbers of programmes, NFS/CODA and more.

So the question is: is it better to have an ideologically pure caps
system (i.e. euid=0 means nothing), with the cost of breaking
everything, or is it better to have a practical caps system (where
euid=0 means all caps, but there might not be a root account) which is
100% compatible and secure?

I'm heavily in favour of a practical system. In fact, there's no
reason we can't have both. The practical system can be implemented in
user space (use a CAP ELF header and put magic into the dynamic
loader) if you want. For the purists, go ahead and put caps into FS
metadata and #ifdef out all the places in the kernel where euid=0
means something.

Let the marketplace decide which scheme wins.

Regards,

Richard....
