From: Bill Davidsen <davidsen@tmr.com>
To: linux-kernel@vger.kernel.org
To: "Laughlin, Joseph V" <Joseph.V.Laughlin@boeing.com>
Cc: root@chaos.analogic.com, linux-kernel@vger.kernel.org
Subject: Re: Modifying kernel so that non-root users have some root capabilities
Date: Tue, 25 May 2004 17:15:56 -0400 [thread overview]
Message-ID: <40B3B78C.3050601@tmr.com> (raw)
In-Reply-To: <67B3A7DA6591BE439001F2736233351202B47EF0@xch-nw-28.nw.nos.boeing.com>
Laughlin, Joseph V wrote:
>>-----Original Message-----
>>From: Bill Davidsen [mailto:davidsen@tmr.com]
>>Sent: Tuesday, May 25, 2004 11:14 AM
>>To: root@chaos.analogic.com
>>Cc: Laughlin, Joseph V; linux-kernel@vger.kernel.org
>>Subject: Re: Modifying kernel so that non-root users have
>>some root capabilities
>>
>>
>>Richard B. Johnson wrote:
>>
>>>On Mon, 24 May 2004, Laughlin, Joseph V wrote:
>>>
>>>
>>>
>>>>(not sure if this is a duplicate or not.. Apologies in advance.)
>>>>
>>>>I've been tasked with modifying a 2.4 kernel so that a
>>
>>non-root user
>>
>>>>can do the following:
>>>>
>>>>Dynamically change the priorities of processes (up and down) Lock
>>>>processes in memory Can change process cpu affinity
>>>>
>>>>Anyone got any ideas about how I could start doing this?
>>
>>(I'm new to
>>
>>>>kernel development, btw.)
>>>>
>>>>Thanks,
>>>
>>>
>>>You don't modify an operating system to do that!! You just make a
>>>priviliged program (setuid) that does the things you want.
>>
>>Dick, it's called capabilities, and people have already modified the
>>operating system to do that, it just doesn't work quite as
>>intended in
>>some cases. Setuid is the keys to the kingdom, you really
>>don't want to
>>use setuid root unless there's no other way.
>>
>>Remember when everything used to take the BKL? Then people
>>saw a better
>>way. Capabilities is the same kind of progression, save the
>>big hammer
>>for the big nail.
>>
>
>
> In what cases does changing the capabilities not have the intended
> effects?
Don't read that as "existing capabilities don't work," but as
"capabilities don't exist for all the things people claim they need
setuid root to do." The whole concept of capabilities was going to
reduce the need and demand for setuid, and hopefully allow setuid to
vanish in secure systems.
Either through lack of all the necessary bits, or lack of expertise
using them the goal of reduction in demand and use for setuid seems not
to have been met. I would argue that lack of need has been met, but
careful thought seems needed to do some things without setuid.
--
-bill davidsen (davidsen@tmr.com)
"The secret to procrastination is to put things off until the
last possible moment - but no longer" -me
next prev parent reply other threads:[~2004-05-25 21:13 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-05-25 19:06 Modifying kernel so that non-root users have some root capabilities Laughlin, Joseph V
2004-05-25 21:15 ` Bill Davidsen [this message]
-- strict thread matches above, loose matches on Subject: below --
2004-05-25 23:43 Roger Larsson
[not found] <fa.nbdv424.kmij3i@ifi.uio.no>
2004-05-24 23:43 ` Andy Lutomirski
2004-05-24 23:41 Laughlin, Joseph V
2004-05-24 23:49 ` Chris Wright
2004-05-24 22:21 Laughlin, Joseph V
2004-05-24 23:24 ` Steve Youngs
2004-05-24 23:29 ` Neale Banks
2004-05-25 11:28 ` Richard B. Johnson
2004-05-25 18:14 ` Bill Davidsen
2004-05-25 14:57 ` David T Hollis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=40B3B78C.3050601@tmr.com \
--to=davidsen@tmr.com \
--cc=linux-kernel@vger.kernel.org \
--cc=root@chaos.analogic.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox