> are 'legal' at both the user and kernel level (UID==65535 is legal). UID==0 is not
> special in regards to auditing.
65535 is special, as is 2^32-1. (uid_t)-1 (i.e. the unsigned cast of in our case)
is special to setuid and related calls, meaning 'no change'.
> 1) adding a variable "luid" to the uid_t line in the task struct
> 2) adding two system calls - 1 to 'set' and one to 'get' the value.
> 3) adding CAP_SET_LUID that allows setting the luid.
>
> This proposal would affect no user applications in current systems. It
> would be tamperproof on current systems by anyone not possessing CAP_SET_LUID.
Untrue. All users must lack CAP_SYS_RAWIO for this to be true, otherwise they
can use hardware to DMA back over their luid from other capabilities.
This archive was generated by hypermail 2b29 : Sat Apr 15 2000 - 21:00:26 EST
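
The sentinel behaviour described in the reply, as an added example that is not part of the original message or of the proposed luid change: it shows that `(uid_t)-1` passed to `setreuid()` leaves the IDs untouched, and sketches a check that refuses both sentinel values for a stored luid. `UID_NO_CHANGE`, `luid_value_is_usable` and `setreuid_sentinel_is_noop` are hypothetical names; a Linux/glibc system with a 32-bit `uid_t` is assumed.

```c
#define _DEFAULT_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Sentinel that the setuid-family calls read as "no change". */
#define UID_NO_CHANGE ((uid_t)-1)

/* Hypothetical check for a proposed luid value: reject both sentinels,
 * the 16-bit one (65535) and the full-width one ((uid_t)-1).
 * UID 0 gets no special treatment here. */
int luid_value_is_usable(uid_t v)
{
    if (v == UID_NO_CHANGE)
        return 0;
    if (v == (uid_t)(uint16_t)-1)   /* 65535: "-1" in a 16-bit uid ABI */
        return 0;
    return 1;
}

/* Returns 1 if setreuid(-1, -1) succeeded and left both IDs untouched. */
int setreuid_sentinel_is_noop(void)
{
    uid_t r = getuid(), e = geteuid();

    if (setreuid(UID_NO_CHANGE, UID_NO_CHANGE) != 0)
        return 0;
    return getuid() == r && geteuid() == e;
}

int main(void)
{
    printf("(uid_t)-1 = %lu\n", (unsigned long)UID_NO_CHANGE);
    printf("65535 usable as luid: %d\n", luid_value_is_usable(65535));
    printf("1000 usable as luid:  %d\n", luid_value_is_usable(1000));
    printf("setreuid(-1,-1) no-op: %d\n", setreuid_sentinel_is_noop());
    return 0;
}
```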