Re: Capabilities..

From: Mike A. Harris (mharris@meteng.on.ca)
Date: Tue Jul 25 2000 - 17:05:55 EST


On Tue, 25 Jul 2000, Khimenko Victor wrote:

>Date: Tue, 25 Jul 2000 20:37:50 +0400 (MSD)
>From: Khimenko Victor <khim@sch57.msk.ru>
>To: mharris@meteng.on.ca, linux-kernel@vger.rutgers.edu
>Subject: Re: Capabilities..
>
>In <Pine.LNX.4.21.0007251109190.30742-100000@asdf.capslock.lan> Mike A. Harris (mharris@meteng.on.ca) wrote:
>> How does one exercise the CAP_SYSPCAP capability? In other
>> words, if root starts up with all capabilities as defined in the
>> cap-bound set, how does root pass a capability to another PID?
>
>With capset(2) obviously...

Wasn't too obvious to me:

2 root@asdf:/usr/man/man2# man capset
No manual entry for capset
2 root@asdf:/usr/man/man2# man 2 capset
No entry for capset in section 2 of the manual
2 root@asdf:/usr/man/man2# whatis capset
capset: nothing appropriate
2 root@asdf:/usr/man/man2# apropos capset
capset: nothing appropriate
2 root@asdf:/usr/man/man2# locate capset
2 root@asdf:/usr/man/man2#

I'll go search freshmeat or something I guess...

>> Is there a userland utility that root can run to give other PID's
>> other capabilities?
>
>I do not remember name but I saw such utility somewhere...

Ok, that's good, at least I know I won't be searching in vain then.

>> Or am I misunderstanding the purpose of this CAP? If I'm understanding it
>> correctly, why then are system daemons that require root privs, not instead
>> getting only the required CAP's passed to them somehow?
>
>Since this is big and complex task to transfer all userland from "root is god"
>model to capabilities model perhaps ? Plus most daemons are not written
>for Linux and thus do not support such scheme natively.

Right, I understand that, what I meant is by using this feature,
could such daemons be un-rooted, and have the capabilities that
they need, but I think you just answered "yes" to that.

>> Any help in understanding this, and finding existing utils would
>> be greatly appreciated.
>
>We do not have "Trusted Linux" (where UID 0 is just UID 0 and does not have
>special power) yet, not even close. I know of no distribution where such
>work (reduce capabilities for only needed ones on daemon startup) is even
>started.

Hmm. I'm going to hunt on lwn.net or somewhere and see if I can
find a cap-enabled system to explore. Thanks for the info!

TTYL

-- 
Mike A. Harris                                     Linux advocate     
Computer Consultant                                  GNU advocate  
Capslock Consulting                          Open Source advocate

... Our continuing mission: To seek out knowledge of C, to explore strange UNIX commands, and to boldly code where no one has man page 4.




This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:20 EST