From: Peter Williams <pwil3058@bigpond.net.au>
To: "Jack O'Quin" <joq@io.com>
Cc: Paul Davis <paul@linuxaudiosystems.com>,
"Bill Huey (hui)" <bhuey@lnxw.com>, Ingo Molnar <mingo@elte.hu>,
Nick Piggin <nickpiggin@yahoo.com.au>,
Con Kolivas <kernel@kolivas.org>,
linux <linux-kernel@vger.kernel.org>,
rlrevell@joe-job.com, CK Kernel <ck@vds.kolivas.org>,
utz <utz@s2y4n2c.de>, Andrew Morton <akpm@osdl.org>,
alexn@dsv.su.se, Rui Nuno Capela <rncbc@rncbc.org>,
Chris Wright <chrisw@osdl.org>,
Arjan van de Ven <arjanv@redhat.com>
Subject: Re: [patch, 2.6.11-rc2] sched: RLIMIT_RT_CPU_RATIO feature
Date: Thu, 03 Feb 2005 14:10:43 +1100 [thread overview]
Message-ID: <42019633.80803@bigpond.net.au> (raw)
In-Reply-To: <87d5viigyo.fsf@sulphur.joq.us>
Jack O'Quin wrote:
> Peter Williams <pwil3058@bigpond.net.au> writes:
>
>
>>>>If you have the source code for the programs then they could be
>>>>modified to drop the root euid after they've changed policy. Or
>>>>even do the
>
>
>>Paul Davis wrote:
>>
>>>This is insufficient, since they need to be able to drop RT
>>>scheduling and then reacquire it again later.
>
>
>>I believe that there are mechanisms that allow this. The setuid man
>>page states that a process with non root real uid but setuid as root
>>can use the seteuid call to use the _POSIX_SAVED_IDS mechanism to
>>drop and regain root privileges as required.
>
>
> Which every system cracker knows. Any attack on such a program is
> going to re-acquire root privileges and take over the system.
>
> Temporarily dropping privileges gains no security whatsoever. It is
> nothing more than a coding convenience.
Yes, to help avoid accidentally misusing the privileges.
> The program remains *inside*
> the system security perimeter.
Which is why you have to be careful in writing setuid programs.
Peter
--
Peter Williams pwil3058@bigpond.net.au
"Learning, n. The kind of ignorance distinguishing the studious."
-- Ambrose Bierce
next prev parent reply other threads:[~2005-02-03 3:11 UTC|newest]
Thread overview: 198+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-19 22:39 [PATCH]sched: Isochronous class v2 for unprivileged soft rt scheduling Con Kolivas
2005-01-20 0:16 ` utz lehmann
2005-01-20 0:33 ` Con Kolivas
2005-01-20 4:26 ` utz lehmann
2005-01-20 5:55 ` Con Kolivas
2005-01-20 17:54 ` Alexander Nyberg
2005-01-20 20:27 ` Con Kolivas
2005-01-20 0:53 ` Con Kolivas
2005-01-20 1:32 ` Jack O'Quin
2005-01-20 2:06 ` Con Kolivas
2005-01-20 2:45 ` Jack O'Quin
2005-01-20 4:07 ` Con Kolivas
2005-01-20 4:57 ` Jack O'Quin
2005-01-20 5:05 ` Gene Heskett
2005-01-20 5:59 ` Con Kolivas
2005-01-20 6:35 ` Con Kolivas
2005-01-20 15:19 ` Jack O'Quin
2005-01-20 15:42 ` Paul Davis
2005-01-20 16:47 ` Jack O'Quin
2005-01-20 17:25 ` Ingo Molnar
2005-01-22 0:09 ` Jack O'Quin
2005-01-22 16:54 ` Ingo Molnar
2005-01-22 21:23 ` Jack O'Quin
2005-01-23 2:06 ` Nick Piggin
2005-01-23 2:58 ` Chris Wright
2005-01-24 8:59 ` Ingo Molnar
2005-01-24 9:55 ` Paolo Ciarrocchi
2005-01-24 10:29 ` Nick Piggin
2005-01-24 10:46 ` Ingo Molnar
2005-01-24 12:58 ` [patch, 2.6.11-rc2] sched: /proc/sys/kernel/rt_cpu_limit tunable Ingo Molnar
2005-01-24 13:34 ` Ingo Molnar
2005-01-24 13:53 ` Con Kolivas
2005-01-24 14:01 ` [ck] " Con Kolivas
[not found] ` <87k6q2umla.fsf@sulphur.joq.us>
2005-01-25 6:28 ` Nick Piggin
2005-01-25 14:12 ` Ingo Molnar
2005-01-25 8:37 ` Ingo Molnar
2005-01-25 21:36 ` Jack O'Quin
2005-01-25 21:49 ` Ingo Molnar
2005-01-25 21:55 ` Chris Wright
2005-01-25 21:57 ` Ingo Molnar
2005-01-25 22:03 ` Chris Wright
2005-01-25 22:08 ` Ingo Molnar
2005-01-25 22:16 ` Chris Wright
2005-01-25 22:44 ` Bill Rugolsky Jr.
2005-01-26 5:12 ` Jack O'Quin
2005-01-26 7:27 ` Ingo Molnar
2005-01-26 11:02 ` [patch, 2.6.11-rc2] sched: RLIMIT_RT_CPU feature, -D7 Ingo Molnar
2005-01-25 13:56 ` [patch, 2.6.11-rc2] sched: RLIMIT_RT_CPU_RATIO feature Ingo Molnar
2005-01-25 14:06 ` Con Kolivas
2005-01-25 22:18 ` Peter Williams
2005-01-25 22:26 ` Peter Williams
2005-01-26 10:08 ` [patch, 2.6.11-rc2] sched: RLIMIT_RT_CPU feature, -D7 Ingo Molnar
2005-01-26 14:22 ` Jack O'Quin
2005-01-26 16:18 ` [ck] " Cal
2005-01-26 16:29 ` Cal
2005-01-26 16:41 ` Jack O'Quin
2005-01-26 17:57 ` Cal
2005-01-26 18:57 ` Jack O'Quin
2005-01-27 2:03 ` Cal
2005-01-27 8:51 ` [patch, 2.6.11-rc2] sched: RLIMIT_RT_CPU feature, -D8 Ingo Molnar
2005-01-27 12:48 ` Cal
2005-01-27 16:31 ` Mike Galbraith
2005-01-26 21:28 ` [patch, 2.6.11-rc2] sched: RLIMIT_RT_CPU feature, -D7 Peter Williams
2005-01-26 21:44 ` Peter Williams
2005-01-26 9:20 ` [patch, 2.6.11-rc2] sched: RLIMIT_RT_CPU_RATIO feature Ingo Molnar
2005-01-31 23:03 ` Peter Williams
2005-02-01 10:11 ` [patch] sys_setpriority() euid semantics fix Ingo Molnar
2005-02-01 21:46 ` Peter Williams
2005-01-26 5:24 ` [patch, 2.6.11-rc2] sched: RLIMIT_RT_CPU_RATIO feature Jack O'Quin
2005-01-26 7:04 ` Ingo Molnar
2005-01-26 22:27 ` Jack O'Quin
2005-01-26 23:29 ` Nick Piggin
2005-01-27 2:31 ` Jack O'Quin
2005-01-27 3:26 ` Nick Piggin
2005-01-27 5:15 ` Jack O'Quin
2005-01-27 5:54 ` Nick Piggin
2005-01-27 8:35 ` Ingo Molnar
2005-01-27 8:59 ` Ingo Molnar
2005-01-27 11:35 ` Ingo Molnar
2005-02-02 5:10 ` Jack O'Quin
2005-02-02 11:10 ` Bill Huey
2005-02-02 16:44 ` Jack O'Quin
2005-02-02 21:14 ` Bill Huey
2005-02-02 21:20 ` Bill Huey
2005-02-02 21:21 ` Ingo Molnar
2005-02-02 21:34 ` Bill Huey
2005-02-02 22:59 ` Paul Davis
2005-02-03 2:46 ` Bill Huey
2005-02-03 14:20 ` Paul Davis
2005-02-03 20:19 ` Con Kolivas
2005-02-03 20:47 ` Ingo Molnar
2005-02-03 21:15 ` Paul Davis
2005-02-03 21:28 ` Ingo Molnar
2005-02-03 21:41 ` Paul Davis
2005-02-03 21:59 ` Ingo Molnar
2005-02-03 22:24 ` Paul Davis
2005-02-03 22:26 ` Ingo Molnar
2005-02-04 0:36 ` Tristan Wibberley
2005-02-03 21:48 ` Peter Williams
2005-02-04 16:41 ` Jack O'Quin
2005-02-04 21:38 ` Peter Williams
2005-02-03 21:41 ` Ingo Molnar
2005-02-03 23:01 ` Bill Huey
2005-02-11 21:27 ` Lee Revell
2005-02-02 21:54 ` Peter Williams
2005-02-02 23:03 ` Paul Davis
2005-02-02 23:46 ` Peter Williams
2005-02-03 1:13 ` Jack O'Quin
2005-02-03 3:10 ` Peter Williams [this message]
2005-02-03 3:56 ` Jack O'Quin
2005-02-03 21:36 ` Ingo Molnar
2005-02-04 0:35 ` Chris Wright
2005-02-04 17:21 ` Jack O'Quin
2005-02-03 2:54 ` Bill Huey
2005-02-03 3:25 ` Peter Williams
2005-02-02 11:37 ` Ingo Molnar
2005-02-02 16:01 ` Jack O'Quin
2005-02-02 18:59 ` Lee Revell
2005-02-02 19:31 ` Jack O'Quin
2005-02-02 20:29 ` Ingo Molnar
2005-02-02 22:45 ` Jack O'Quin
2005-02-02 20:17 ` Ingo Molnar
2005-01-27 20:01 ` Lee Revell
2005-01-28 6:38 ` Ingo Molnar
2005-01-28 8:09 ` Jack O'Quin
2005-01-28 8:08 ` Ingo Molnar
2005-01-28 8:35 ` Jack O'Quin
2005-01-28 8:40 ` Ingo Molnar
2005-01-28 9:01 ` Jack O'Quin
2005-01-28 9:11 ` Ingo Molnar
2005-01-29 0:44 ` Lee Revell
2005-01-28 9:51 ` Mike Galbraith
2005-01-28 22:16 ` Peter Williams
2005-01-28 22:19 ` Ingo Molnar
2005-01-29 7:02 ` Jack O'Quin
2005-01-31 22:29 ` Bill Davidsen
2005-02-01 0:39 ` Bill Huey
2005-01-25 5:16 ` [PATCH]sched: Isochronous class v2 for unprivileged soft rt scheduling Jack O'Quin
2005-01-25 15:09 ` Ingo Molnar
2005-01-23 20:48 ` Jack O'Quin
2005-01-23 22:57 ` Con Kolivas
2005-01-24 1:06 ` Jack O'Quin
2005-01-24 1:09 ` Con Kolivas
2005-01-24 4:45 ` Jack O'Quin
2005-01-24 4:53 ` Jack O'Quin
2005-01-24 6:28 ` Jack O'Quin
2005-01-24 6:35 ` Con Kolivas
2005-01-24 6:57 ` Jack O'Quin
2005-01-24 22:58 ` Con Kolivas
2005-01-25 3:55 ` Con Kolivas
2005-01-25 13:05 ` Con Kolivas
2005-01-25 14:38 ` Con Kolivas
2005-01-25 18:36 ` Jack O'Quin
2005-01-25 20:52 ` Rui Nuno Capela
2005-01-24 21:46 ` Con Kolivas
2005-01-23 7:38 ` Jack O'Quin
2005-01-23 7:41 ` Con Kolivas
2005-01-24 6:30 ` Jack O'Quin
2005-01-24 20:55 ` Ingo Molnar
2005-01-20 21:59 ` Peter Chubb
2005-01-21 0:30 ` Jack O'Quin
2005-01-22 14:06 ` Paul Davis
2005-01-20 17:49 ` ross
2005-01-20 19:07 ` Lee Revell
2005-01-20 23:17 ` Con Kolivas
2005-01-21 7:48 ` Ingo Molnar
2005-02-07 3:09 ` Werner Almesberger
2005-02-07 3:27 ` Jack O'Quin
2005-02-07 3:27 ` Con Kolivas
2005-01-20 9:06 ` Rui Nuno Capela
2005-01-20 17:09 ` Rui Nuno Capela
2005-01-20 19:32 ` Jack O'Quin
2005-01-21 9:18 ` Rui Nuno Capela
2005-01-21 16:23 ` Con Kolivas
2005-01-21 16:40 ` Jack O'Quin
2005-01-22 0:06 ` Con Kolivas
2005-01-22 6:18 ` Jack O'Quin
2005-01-22 6:19 ` Con Kolivas
2005-01-22 6:48 ` Con Kolivas
2005-01-22 6:50 ` Con Kolivas
2005-01-22 7:09 ` Con Kolivas
2005-01-22 20:22 ` Jack O'Quin
2005-01-23 1:02 ` Con Kolivas
2005-01-23 3:02 ` Jack O'Quin
2005-01-23 4:29 ` Con Kolivas
2005-01-23 4:46 ` Jack O'Quin
2005-01-23 4:50 ` Con Kolivas
2005-01-23 7:37 ` Mike Galbraith
2005-01-23 13:57 ` Paul Davis
2005-01-23 1:31 ` Con Kolivas
2005-01-23 1:41 ` Paul Davis
2005-01-23 1:56 ` Con Kolivas
2005-01-23 4:50 ` Jack O'Quin
2005-01-21 23:30 ` utz lehmann
2005-01-21 23:48 ` Con Kolivas
2005-01-22 0:28 ` utz lehmann
2005-01-22 3:52 ` Con Kolivas
2005-01-22 6:15 ` Jack O'Quin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42019633.80803@bigpond.net.au \
--to=pwil3058@bigpond.net.au \
--cc=akpm@osdl.org \
--cc=alexn@dsv.su.se \
--cc=arjanv@redhat.com \
--cc=bhuey@lnxw.com \
--cc=chrisw@osdl.org \
--cc=ck@vds.kolivas.org \
--cc=joq@io.com \
--cc=kernel@kolivas.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=nickpiggin@yahoo.com.au \
--cc=paul@linuxaudiosystems.com \
--cc=rlrevell@joe-job.com \
--cc=rncbc@rncbc.org \
--cc=utz@s2y4n2c.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.