> Uh...I wasn't able to create a user with UID == -1, but I was able to create a user
> with UID 65535 and login worked -- did an 'id' command after logging in and it said I was id 65535.
> I can also 'su' to the name:
And you will find odd things occur in some cases. You'll notice for example
that apache specifically checks that case.
> subvert the mechanism. Being 'root', with no CAP's, I could probably write to
> /dev/mem or /dev/kmem I would think. So we can't get too smug about protection.
The intention of CAP_SYS_RAWIO is that it takes away _all_ ability to talk
directly to hardware. That includes /dev/mem and /dev/kmem.
>
> ...so...I don't get it...why does UID==65535 work? Maybe parts of the kernel are already treating
> it as 32-bit?
(uid_t) -1 is special only to some calls.
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Apr 23 2000 - 21:00:08 EST