From: Nicholas Hans Simmonds <nhstux@gmail.com>
To: Nathan Scott <nathans@sgi.com>
Cc: linux-kernel@vger.kernel.org,
"Andrew G. Morgan" <morgan@transmeta.com>,
Alexey Dobriyan <adobriyan@gmail.com>
Subject: Re: [PATCH] Filesystem capabilities support
Date: Wed, 13 Jul 2005 07:29:55 +0100 [thread overview]
Message-ID: <20050713062955.GA1609@laptop> (raw)
In-Reply-To: <20050706045652.GB1773@frodo>
On Wed, Jul 06, 2005 at 02:56:52PM +1000, Nathan Scott wrote:
> Hi Nicholas,
>
> On Sat, Jul 02, 2005 at 10:41:08PM +0100, Nicholas Hans Simmonds wrote:
> > This is a simple attempt at providing capability support through extended
> > attributes.
> > ...
> > +#define XATTR_CAP_SET XATTR_SECURITY_PREFIX "cap_set"
> > ...
> > + ret = bprm_getxattr(bprm_dentry,XATTR_CAP_SET,&caps,sizeof(caps));
> > + if(ret == sizeof(caps)) {
> > + if(caps.version == _LINUX_CAPABILITY_VERSION) {
> > + cap_t(bprm->cap_effective) &= caps.mask_effective;
> > ...
>
> Since this is being stored on-disk, you may want to consider
> endianness issues. I guess for binaries this isn't really a
> problem (since they're unlikely to be run on other platforms),
> though perhaps it is for shell scripts and the like. Storing
> values in native endianness poses problems for backup/restore
> programs, NFS, etc.
>
> IIRC, the other LSM security attribute values are stored as
> ASCII strings on-disk to avoid this sort of issue.
>
> cheers.
>
Sorry, my earlier reply seems to have gotten lost somewhere. I've been
pondering this issue for some time and am still not sure what's the best
answer. I've attached a small patch which handles this by detecting byte
swapping of the version code. I'm not convinced it's necessary but
shouldn't hurt.
diff --git a/security/commoncap.c b/security/commoncap.c
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -153,6 +153,15 @@ int cap_bprm_set_security (struct linux_
down(&bprm_dentry->d_inode->i_sem);
ret = bprm_getxattr(bprm_dentry,XATTR_CAP_SET,&caps,sizeof(caps));
if(ret == sizeof(caps)) {
+ if(caps.version = swab32(_LINUX_CAPABILITY_VERSION)) {
+ swab32s(&caps.version);
+ swab32s(&caps.effective);
+ swab32s(&caps.mask_effective);
+ swab32s(&caps.permitted);
+ swab32s(&caps.mask_permitted);
+ swab32s(&caps.inheritable);
+ swab32s(&caps.mask_inheritable);
+ }
if(caps.version == _LINUX_CAPABILITY_VERSION) {
cap_t(bprm->cap_effective) &= caps.mask_effective;
cap_t(bprm->cap_effective) |= caps.effective;
next prev parent reply other threads:[~2005-07-13 6:31 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-07-02 21:41 [PATCH] Filesystem capabilities support Nicholas Hans Simmonds
2005-07-02 23:01 ` Alexey Dobriyan
2005-07-03 0:14 ` Nicholas Hans Simmonds
2005-07-06 4:56 ` Nathan Scott
2005-07-04 14:27 ` Nicholas Hans Simmonds
2005-07-13 6:29 ` Nicholas Hans Simmonds [this message]
2005-07-13 17:51 ` Horst von Brand
2005-07-14 4:29 ` Nicholas Hans Simmonds
2005-07-14 20:05 ` Horst von Brand
2005-07-16 14:23 ` Nicholas Hans Simmonds
2005-07-15 3:45 ` Jesper Juhl
2005-07-16 15:42 ` Nicholas Hans Simmonds
-- strict thread matches above, loose matches on Subject: below --
2005-07-24 13:36 Arnout Engelen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050713062955.GA1609@laptop \
--to=nhstux@gmail.com \
--cc=adobriyan@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=morgan@transmeta.com \
--cc=nathans@sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.