On Sunday 03 July 2005 01:41, Nicholas Hans Simmonds wrote:
> This is a simple attempt at providing capability support through extended
> attributes. Setting security.cap_set to contain a struct cap_xattr_data which
> defines the desired capabilities will switch on the new behaviour otherwise
> there is no change. When a file is written to then the xattr (if it exists) is
> removed to prevent tampering with priveleged executables. Whilst I'm not sure
> this provides a secure implementation, I can't see any problem with it myself.
> --- a/security/commoncap.c
> +++ b/security/commoncap.c
> int cap_bprm_set_security (struct linux_binprm *bprm)
> {
> + ssize_t (*bprm_getxattr)(struct dentry *,const char *,void *,size_t);
> + struct dentry *bprm_dentry;
> + ssize_t ret;
> + struct cap_xattr_data caps;
> +
$ make security/commoncap.o
CC security/commoncap.o
security/commoncap.c: In function `cap_bprm_set_security':
security/commoncap.c:114: warning: unused variable `bprm_getxattr'
security/commoncap.c:115: warning: unused variable `bprm_dentry'
security/commoncap.c:116: warning: unused variable `ret'
security/commoncap.c:117: warning: unused variable `caps'
with an obvious change in .config
> +#ifdef CONFIG_SECURITY_FS_CAPABILITIES
> + /* Locate any VFS capabilities: */
> +
> + bprm_dentry = bprm->file->f_dentry;
> + if(!(bprm_dentry->d_inode->i_op &&
> + bprm_dentry->d_inode->i_op->getxattr))
> + return 0;
> + bprm_getxattr = bprm_dentry->d_inode->i_op->getxattr;
> +
> + down(&bprm_dentry->d_inode->i_sem);
> + ret = bprm_getxattr(bprm_dentry,XATTR_CAP_SET,&caps,sizeof(caps));
> + if(ret == sizeof(caps)) {
> + if(caps.version == _LINUX_CAPABILITY_VERSION) {
> + cap_t(bprm->cap_effective) &= caps.mask_effective;
> + cap_t(bprm->cap_effective) |= caps.effective;
> +
> + cap_t(bprm->cap_permitted) &= caps.mask_permitted;
> + cap_t(bprm->cap_permitted) |= caps.permitted;
> +
> + cap_t(bprm->cap_inheritable) &= caps.mask_inheritable;
> + cap_t(bprm->cap_inheritable) |= caps.inheritable;
> + } else
> + printk(KERN_WARNING "Warning: %s capability set has "
> + "incorrect version\n",bprm->filename);
You may want to print this incorrect version.
> + }
> + up(&bprm_dentry->d_inode->i_sem);
> +#endif /* CONFIG_SECURITY_FS_CAPABILITIES */
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
|
|