Re: request: capabilities that allow users to drop privileges further

From: Martin Waitz
Date: Tue Dec 16 2003 - 09:14:00 EST

Next message: Claas Langbehn: "[2.6.0-test11] VIA IDE DMA problems with sleeping harddisk"
Previous message: Martin Waitz: "Re: request: capabilities that allow users to drop privileges further"
In reply to: Martin Waitz: "Re: request: capabilities that allow users to drop privileges further"
Next in thread: Felix von Leitner: "Re: request: capabilities that allow users to drop privileges further"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hi :)

On Mon, Dec 15, 2003 at 02:48:09PM -0800, Chris Wright wrote:
> > * ptrace
>
> drop CAP_SYS_PTRACE
that will only help agains ptracing foreign processes.
you can still debug your own ones.

so this does not help agains buffer overflows&co in ptrace

--
CU, / Friedrich-Alexander University Erlangen, Germany
Martin Waitz // Department of Computer Science 3 _________
______________/// - - - - - - - - - - - - - - - - - - - - ///
dies ist eine manuell generierte mail, sie beinhaltet //
tippfehler und ist auch ohne grossbuchstaben gueltig. /

Attachment: pgp00004.pgp
Description: PGP signature

Next message: Claas Langbehn: "[2.6.0-test11] VIA IDE DMA problems with sleeping harddisk"
Previous message: Martin Waitz: "Re: request: capabilities that allow users to drop privileges further"
In reply to: Martin Waitz: "Re: request: capabilities that allow users to drop privileges further"
Next in thread: Felix von Leitner: "Re: request: capabilities that allow users to drop privileges further"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]