From: Simo Sorce <simo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
Cc: linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
samba-technical-w/Ol4Ecudpl8XjKLYN78aQ@public.gmane.org
Subject: Re: [cifs-utils PATCH] cifs.upcall: trim even more capabilities
Date: Thu, 16 Feb 2017 10:07:25 -0500 [thread overview]
Message-ID: <1487257645.6697.8.camel@redhat.com> (raw)
In-Reply-To: <20170216145913.15848-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
Reviewed-by: Simo Sorce <simo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
On Thu, 2017-02-16 at 09:59 -0500, Jeff Layton wrote:
> We really only need CAP_DAC_READ_SEARCH, not CAP_DAC_OVERRIDE, and
> only when we are going to probe the environ file.
>
> Also, fix the non-libcap-ng trim_capabilities prototype.
>
> Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
> ---
> cifs.upcall.c | 17 ++++++++---------
> 1 file changed, 8 insertions(+), 9 deletions(-)
>
> diff --git a/cifs.upcall.c b/cifs.upcall.c
> index 6d9c427b7032..dae58b919408 100644
> --- a/cifs.upcall.c
> +++ b/cifs.upcall.c
> @@ -70,22 +70,21 @@ typedef enum _sectype {
>
> #ifdef HAVE_LIBCAP_NG
> static int
> -trim_capabilities(bool need_ptrace)
> +trim_capabilities(bool need_environ)
> {
> capng_clear(CAPNG_SELECT_BOTH);
>
> - /*
> - * Need PTRACE and DAC_OVERRIDE for environment scraping, SETGID to
> - * change gid and grouplist, and SETUID to change uid.
> - */
> + /* SETUID and SETGID to change uid, gid, and grouplist */
> if (capng_updatev(CAPNG_ADD, CAPNG_PERMITTED|CAPNG_EFFECTIVE,
> - CAP_SETUID, CAP_SETGID, CAP_DAC_OVERRIDE, -1)) {
> + CAP_SETUID, CAP_SETGID, -1)) {
> syslog(LOG_ERR, "%s: Unable to update capability set: %m\n", __func__);
> return 1;
> }
>
> - if (need_ptrace &&
> - capng_update(CAPNG_ADD, CAPNG_PERMITTED|CAPNG_EFFECTIVE, CAP_SYS_PTRACE)) {
> + /* Need PTRACE and DAC_OVERRIDE for environment scraping */
> + if (need_environ &&
> + capng_updatev(CAPNG_ADD, CAPNG_PERMITTED|CAPNG_EFFECTIVE,
> + CAP_SYS_PTRACE, CAP_DAC_READ_SEARCH, -1)) {
> syslog(LOG_ERR, "%s: Unable to update capability set: %m\n", __func__);
> return 1;
> }
> @@ -109,7 +108,7 @@ drop_all_capabilities(void)
> }
> #else /* HAVE_LIBCAP_NG */
> static int
> -trim_capabilities(void)
> +trim_capabilities(bool unused)
> {
> return 0;
> }
--
Simo Sorce * Red Hat, Inc * New York
next prev parent reply other threads:[~2017-02-16 15:07 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-16 14:59 [cifs-utils PATCH] cifs.upcall: trim even more capabilities Jeff Layton
[not found] ` <20170216145913.15848-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
2017-02-16 15:07 ` Simo Sorce [this message]
2017-02-16 17:28 ` Pavel Shilovsky
[not found] ` <CAKywueQiDRKZPW3ev7OBmXea=h7W1bc_5rtf9Ds7NChVm6=gbg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-02-16 17:44 ` Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1487257645.6697.8.camel@redhat.com \
--to=simo-h+wxahxf7alqt0dzr+alfa@public.gmane.org \
--cc=jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org \
--cc=linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=samba-technical-w/Ol4Ecudpl8XjKLYN78aQ@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.