Re: Linux capabilities shouldn't be lost during setuid to non-root from root or to another non-root uid from a non-root uid.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Serge E. Hallyn" <serge@hallyn.com>
To: crocket <crockabiscuit@gmail.com>,
	Michael Kerrisk <mtk.manpages@gmail.com>,
	Andrew Morgan <morgan@kernel.org>
Cc: linux-kernel@vger.kernel.org
Subject: Re: Linux capabilities shouldn't be lost during setuid to non-root from root or to another non-root uid from a non-root uid.
Date: Tue, 19 Apr 2011 09:35:48 -0500	[thread overview]
Message-ID: <20110419143548.GA26461@hallyn.com> (raw)
In-Reply-To: <BANLkTimELd0WhNYkaQOQuV1vnr+5jAgTZA@mail.gmail.com>

Quoting crocket (crockabiscuit@gmail.com):
> Thanks for the precious information.
> 
> I think capsh should be introduced somewhere in some manuals.

Would mentioning capsh in capabilities(7) be a good idea?

> On Tue, Apr 19, 2011 at 10:14 AM, crocket <crockabiscuit@gmail.com> wrote:
> > Is there an existing utility that sets SECBIT_NO_SETUID_FIXUP?
> > Or is there a way to set it without writing a C wrapper program?
> >
> > On Tue, Apr 19, 2011 at 7:02 AM, Serge E. Hallyn <serge@hallyn.com> wrote:
> >> Quoting crocket (crockabiscuit@gmail.com):
> >>> I have several questions.
> >>>
> >>> 1) How do I set SECBIT_NO_SETUID_FIXUP?
> >>
> >> prctl(PR_SET_SECUREBITS, SECBIT_NO_SETUID_FIXUP | SECBIT_NO_SETUID_FIXUP_LOCKED)
> >>
> >> see capabilities(7) for details.
> >>
> >>> 2) Is there any reason to unset SECBIT_NO_SETUID_FIXUP by default?
> >>
> >> Yes, because it's what userspace expects.  If you prefer to run in
> >> a full POSIX capabilities environment with unprivileged root, you
> >> can have init set SECBIT_NO_SETUID_FIXUP and SECBIT_NOROOT and
> >> tune userspace to do the right thing, but it's not trivial.
> >>
> >> -serge
> >>
> >

next prev parent reply	other threads:[~2011-04-19 14:35 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-04-17 14:05 Linux capabilities shouldn't be lost during setuid to non-root from root or to another non-root uid from a non-root uid crocket
2011-04-17 18:07 ` Serge E. Hallyn
2011-04-18  1:20   ` crocket
2011-04-18  2:05     ` Serge E. Hallyn
2011-04-18  7:21   ` crocket
2011-04-18  8:28     ` Serge E. Hallyn
2011-04-18 15:02       ` crocket
2011-04-18 22:02         ` Serge E. Hallyn
2011-04-19  1:14           ` crocket
2011-04-19  1:29             ` Serge E. Hallyn
2011-04-19 14:27             ` crocket
2011-04-19 14:35               ` Serge E. Hallyn [this message]
2011-04-20 23:51                 ` crocket

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20110419143548.GA26461@hallyn.com \
    --to=serge@hallyn.com \
    --cc=crockabiscuit@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=morgan@kernel.org \
    --cc=mtk.manpages@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.