* Bodo Eggert ([email protected]) wrote:
> 1) I wouldn't want an exploited service to gain any privileges, even by
> chaining userspace exploits (e.g. exec sendmail < exploitstring). For
> most services, I'd like CAP_EXEC being unset (but it doesn't exist).
Don't let it exec things it shouldn't. This can be done with namespaces
or, for finer-grained control, that is what something like SELinux is made for.
> 2) There are environments (linux-vserver.org) which limit root to a subset
> of capabilities. I think they might use that feature, too. Of course a
> simple "suid bit" == "all capabilities" scheme won't work there.
IIRC, they effectively use the bounded set as per-context. So it'd not
make any difference there.
thanks,
-chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
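Added example, not from either poster: Bodo's two wishes above (no privilege gain through a chained "exec sendmail", and a CAP_EXEC that doesn't exist) can both be met from userspace on a current kernel. The code below assumes Linux 3.5 or later (PR_SET_NO_NEW_PRIVS and seccomp-BPF), a glibc that defines __NR_execveat, and an x86-64, i386 or aarch64 build; it is a stand-alone demonstration, not part of any kernel patch discussed here. no_new_privs makes a setuid or file-capability binary run with the caller's credentials, and the seccomp filter is the practical stand-in for "CAP_EXEC being unset": execve() and execveat() fail with EPERM while everything else is allowed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* A filter must check the ABI: a 32-bit execve has a different syscall
 * number, so a filter that skips this check is trivially bypassable. */
#if defined(__x86_64__)
#define SECCOMP_ARCH AUDIT_ARCH_X86_64
#elif defined(__i386__)
#define SECCOMP_ARCH AUDIT_ARCH_I386
#elif defined(__aarch64__)
#define SECCOMP_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* Step 1: no_new_privs. From here on, exec of a setuid or file-capability
 * binary (the "exec sendmail" case) runs it with the caller's credentials,
 * so a chain of userspace exploits cannot gain privilege via exec.
 * The flag is sticky and inherited across fork and exec. Returns 0 on success. */
int deny_privilege_gain(void)
{
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -errno;
    return prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0) == 1 ? 0 : -1;
}

/* Step 2: the missing "CAP_EXEC". A seccomp-BPF filter that makes execve()
 * and execveat() fail with EPERM and allows every other syscall. Installing
 * a filter needs CAP_SYS_ADMIN or no_new_privs, so call the function above
 * first. Returns 0 on success, -errno if the kernel refused the filter. */
int deny_exec(void)
{
    struct sock_filter filter[] = {
        /* if (arch != SECCOMP_ARCH) kill */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SECCOMP_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        /* if (nr == execve || nr == execveat) return -EPERM; else allow */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_execve, 2, 0),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_execveat, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
    };
    struct sock_fprog prog = {
        .len = sizeof(filter) / sizeof(filter[0]),
        .filter = filter,
    };
    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) != 0)
        return -errno;
    return 0;
}

/* Demonstration: fork a child that hardens itself and then tries to exec
 * /bin/true. Returns 1 if execve() was refused with EPERM, 0 if the exec
 * went through (filter ineffective), -1 if the filter could not be
 * installed at all (e.g. seccomp disabled in this kernel or sandbox). */
int exec_is_blocked(void)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (deny_privilege_gain() != 0 || deny_exec() != 0)
            _exit(2);
        execl("/bin/true", "true", (char *)NULL);
        /* Only reached when execve() failed. */
        _exit(errno == EPERM ? 1 : 3);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    switch (WEXITSTATUS(status)) {
    case 1:  return 1;   /* execve() returned EPERM, as intended */
    case 2:  return -1;  /* prctl() refused the filter */
    default: return 0;   /* /bin/true ran, or exec failed for another reason */
    }
}

int main(void)
{
    int rc = exec_is_blocked();
    printf("exec blocked in hardened child: %s\n",
           rc == 1 ? "yes" : rc == 0 ? "NO" : "filter could not be installed");
    return rc == 1 ? 0 : 1;
}
```

In a real daemon both calls go right after the service has finished spawning whatever helpers it legitimately needs, since the restrictions are inherited by every later fork. Note the remaining gap Chris's answer covers: seccomp decides per syscall, not per target path, so "exec this helper but not that one" still needs an LSM policy such as SELinux or a namespace that hides the unwanted binaries.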