Re: [PATCH 0/2] capabilities

From: Paul Jakma
Date: Fri May 14 2004 - 19:07:51 EST


On Wed, 12 May 2004, Andy Lutomirski wrote:

> Like something that turns KEEPCAPS on then setuid()s then executes
> an untrusted program? It's obviously wrong, but it's secure
> currently since the exec wipes capabilities. And no one would
> notice. Ugh!

Definitely wrong.

> The prctl would defeat the purpose (imagine if bash forgot the
> prctl -- then the whole thing is pointless).

Capabilities aware programmes are most likely already setting
PR_SET_KEEPCAPS anyway if they're doing anything half-fancy. Another
prctl() won't hurt too much if it is the only way to guarantee
backward compatible security (?).

regards,
--
Paul Jakma paul@xxxxxxxx paul@xxxxxxxxx Key ID: 64A2FF6A
warning: do not ever send email to spam@xxxxxxxxxx
Fortune:
"I go on working for the same reason a hen goes on laying eggs."
- H. L. Mencken
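
The sequence discussed in this message, as an added example that is not from the thread or from the patch under discussion: a launcher that turns the keep-capabilities flag off itself before setuid() and exec, instead of relying on exec to wipe capabilities. The names `keepcaps_clear_checked` and `spawn_untrusted` are hypothetical, and the child exit codes 125/126/127 are this example's own convention.

```c
#include <grp.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Clear the keep-capabilities flag and confirm the kernel reports it off. */
int keepcaps_clear_checked(void)
{
    if (prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_GET_KEEPCAPS, 0, 0, 0, 0) == 0 ? 0 : -1;
}

/*
 * Hypothetical helper: run argv[0] as uid/gid in a child process.
 * Returns the child's exit status, or -1 on fork/wait failure.
 * Child exits 125 if the flag could not be cleared, 126 if the
 * identity drop failed, 127 if exec failed.
 */
int spawn_untrusted(uid_t uid, gid_t gid, char *const argv[])
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Flag must be off before setuid() so the uid change drops capabilities. */
        if (keepcaps_clear_checked() != 0)
            _exit(125);
        /* Shed supplementary groups whenever the identity actually changes. */
        int changing = (uid != geteuid() || gid != getegid());
        if (changing && setgroups(0, NULL) != 0)
            _exit(126);
        /* Group first: after setuid() the process may no longer be allowed to. */
        if (setgid(gid) != 0 || setuid(uid) != 0)
            _exit(126);
        /* Refuse to exec if the drop did not stick. */
        if (getuid() != uid || geteuid() != uid)
            _exit(126);
        execv(argv[0], argv);
        _exit(127);
    }
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}
```

The flag is cleared in the forked child only, so a parent that set PR_SET_KEEPCAPS for its own use keeps it.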