From: KaiGai Kohei <kaigai@ak.jp.nec.com>
To: Andrew Morgan <morgan@kernel.org>
Cc: KaiGai Kohei <kaigai@kaigai.gr.jp>,
"Serge E. Hallyn" <serue@us.ibm.com>,
jmorris@namei.org, akpm@osdl.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] Exporting capability code/name pairs
Date: Fri, 04 Jan 2008 10:57:00 +0900 [thread overview]
Message-ID: <477D926C.8000707@ak.jp.nec.com> (raw)
In-Reply-To: <477C3EE9.2060600@kernel.org>
> There is also the issue of compiled code which explicitly raises and
> lowers capabilities around critical code sections (ie., as they were
> intended to be used) is also not well served by this change.
>
> That is, unless the code was compiled with things like CAP_MAC_ADMIN
> being #define'd then it won't be able to do things like cap_set_flag()
> appropriately.
A new function will be necessary, like:
cap_value_t cap_get_value_by_name(const char *cap_name);
If a program tries to use specific capabilities explicitly, it can
apply pre-defined capability code like CAP_MAC_ADMIN.
However, when we implement a program which can deal with arbitrary
capabilities, it should obtain codes of them dynamically, because
it enables to work itself on the feature kernel.
Thanks,
> Cheers
>
> Andrew
>
> KaiGai Kohei wrote:
>> Andrew Morgan wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> KaiGai Kohei wrote:
>>>> Remaining issues:
>>>> - We have to mount securityfs explicitly, or use /etc/fstab.
>>>> It can cause a matter when we want to use this feature on
>>>> very early phase on boot. (like /sbin/init)
>>> I'm not altogether clear how you intend this to work.
>>>
>>> Are you saying that some future version of libcap will require that
>>> securityfs be mounted before it (libcap) will work?
>> Yes, but implementing this feature on securityfs might be not good
>> idea as as James said. If this feature is on procfs or sysfs, it is
>> not necessary to mount securityfs explicitly.
>>
>> Thanks,
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFHfD7n+bHCR3gb8jsRAsgcAKDY6qXBR3JV2addHUg5sxyZHJEkDQCfdLOL
> zJlf3T4SQsUNENr3kwR5pr8=
> =v8C5
> -----END PGP SIGNATURE-----
>
>
prev parent reply other threads:[~2008-01-04 1:56 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-12-27 3:53 [PATCH] Exporting capability code/name pairs KaiGai Kohei
2007-12-27 7:54 ` James Morris
2007-12-27 16:14 ` Serge E. Hallyn
2007-12-28 1:47 ` KaiGai Kohei
2007-12-28 6:16 ` KaiGai Kohei
2007-12-28 6:54 ` James Morris
2007-12-28 7:33 ` KaiGai Kohei
2007-12-28 9:12 ` James Morris
2008-01-02 8:04 ` KaiGai Kohei
2008-01-02 10:02 ` James Morris
2008-01-04 2:28 ` KaiGai Kohei
2007-12-28 23:07 ` Randy Dunlap
2007-12-30 16:28 ` Andrew Morgan
2008-01-02 8:08 ` KaiGai Kohei
2008-01-03 1:48 ` Andrew Morgan
2008-01-04 1:57 ` KaiGai Kohei [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=477D926C.8000707@ak.jp.nec.com \
--to=kaigai@ak.jp.nec.com \
--cc=akpm@osdl.org \
--cc=jmorris@namei.org \
--cc=kaigai@kaigai.gr.jp \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=morgan@kernel.org \
--cc=serue@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox