| |||||||||||||
A bid to resurrect Linux capabilitiesA bid to resurrect Linux capabilitiesPosted Sep 22, 2006 8:24 UTC (Fri) by slamb (guest, #1070)Parent article: A bid to resurrect Linux capabilities
This patch uses some of those new bits from the outset for a set of "regular capabilities" which all processes are normally expected to have. These capabilities include the ability to use fork() or exec(), the ability to open files and to write to files, the ability to use ptrace (), and the ability to increase privilege by running a setuid program. Woo! I'm glad to see someone do this. I've long thought this was the best way to take advantage of capabilities. I even wrote a crappy patch to OpenBSD long ago, which fortunately for the world never made it beyond my system. Many of the regular capabilities can easily be used to gain full root access. (Though I thought that about pcap, and omnipresent ssh has proven me wrong.) But locking down ptrace() might be a good way to prevent an exploited connection from messing with another one in forked servers. I think the only other way would be to bind as root, then setuid() to one of a pool of uids or something...I hope no one's doing that.
(Log in to post comments)
A bid to resurrect Linux capabilities Posted Sep 25, 2006 8:21 UTC (Mon) by cras (guest, #7000) [Link] But locking down ptrace() might be a good way to prevent an exploited connection from messing with another one in forked servers. I think the only other way would be to bind as root, then setuid() to one of a pool of uids or something...I hope no one's doing thatA pool of UIDs is not required, just doing setuid() after exec() will make the kernel think the process is in "setuid state" and won't allow other processes ptrace it.
|
|||||||||||||