Re: capabilities in elf headers, (my) final (and shortest) iteration

Horst von Brand (vonbrand@inf.utfsm.cl)
Tue, 20 Apr 1999 12:03:42 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tom Cross: "Rocket port SMP safe?"
Previous message: Horst von Brand: "Re: capabilities in elf headers, (my) final (and shortest) iteration"

"David L. Parsley (lkml account)" <kparse@salem.k12.va.us> said:
> On Sun, 18 Apr 1999, Pavel Machek wrote:
> > No it is not. You can still make interpretter suid root, and
> > interpretter will have to look if script is marked, and in such case
> > interpretter will have to interpret 'capability headers' in the
> > script. (You can use your #! idea if you want.) But suid interpretter
> > will be the one who parses capabilities.

> Yes, you are correct; the interpreter should just get a (mostly) full cap
> set and parse the caps itself. Mine was a hairbrained idea, but at least
> it generated a better one. ;-)

It _is_ harebrained: You want to make the system secure by auditing each
capable piece of software (at least those with dangerous capabilities,
however defined), and for stuff like the Perl interpreter this is hopeless,
or at least makes the whole exercise pointless.

And again, what is going to stop me from faking capabilities in the script
when I write it?

-- Dr. Horst H. von Brand mailto:vonbrand@inf.utfsm.cl Departamento de Informatica Fono: +56 32 654431 Universidad Tecnica Federico Santa Maria +56 32 654239 Casilla 110-V, Valparaiso, Chile Fax: +56 32 797513

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Tom Cross: "Rocket port SMP safe?"
Previous message: Horst von Brand: "Re: capabilities in elf headers, (my) final (and shortest) iteration"