From: Chris Wright <chrisw@osdl.org>
To: Alexander Nyberg <alexn@dsv.su.se>
Cc: linux-kernel@vger.kernel.org, akpm@osdl.org
Subject: Re: Capabilities across execve
Date: Sat, 12 Mar 2005 19:21:17 -0800 [thread overview]
Message-ID: <20050313032117.GA28536@shell0.pdx.osdl.net> (raw)
In-Reply-To: <1110627748.2376.6.camel@boxen>
[-- Attachment #1: Type: text/plain, Size: 858 bytes --]
* Alexander Nyberg (alexn@dsv.su.se) wrote:
> This makes it possible for a root-task to pass capabilities to
> nonroot-task across execve. The root-task needs to change it's
> cap_inheritable mask and set prctl(PR_SET_KEEPCAPS, 1) to pass on
> capabilities.
This overloads keepcaps, which could surprise to existing users.
> At execve time the capabilities will be passed on to the new
> nonroot-task and any non-inheritable effective and permitted
> capabilities will be masked out.
> The effective capability of the new nonroot-task will be set to the
> maximum permitted.
What happens to eff on setuid() to non-root or restore to uid 0?
What happens if you exec a setuid-root binary, or a setuid-nonroot binary?
How about ptrace?
Here's the tests I use.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
[-- Attachment #2: testcap.tgz --]
[-- Type: application/x-gtar, Size: 4265 bytes --]
next prev parent reply other threads:[~2005-03-13 3:21 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-03-12 11:42 Capabilities across execve Alexander Nyberg
2005-03-13 3:21 ` Chris Wright [this message]
2005-03-15 14:46 ` Alexander Nyberg
2005-03-15 21:57 ` Russell King
2005-03-15 22:42 ` Chris Wright
2005-03-15 23:41 ` Alexander Nyberg
2005-03-15 23:58 ` Chris Wright
2005-03-16 0:34 ` Alexander Nyberg
2005-03-19 0:02 ` Olaf Dietsche
2005-03-13 18:32 ` Pavel Machek
-- strict thread matches above, loose matches on Subject: below --
2005-03-16 0:04 Albert Cahalan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050313032117.GA28536@shell0.pdx.osdl.net \
--to=chrisw@osdl.org \
--cc=akpm@osdl.org \
--cc=alexn@dsv.su.se \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox