RE: Ke: Ke: Process Capabilities on 2.2.16, Sendmail problem revisited

From: pavel-velo@bug.ucw.cz
Date: Thu Jan 02 1997 - 05:00:03 EST

Next message: Pavel Machek: "Re: Ke: Floppy Handling"
Previous message: Pavel Machek: "Where is tty interface from serial console?"
Next in thread: Albert D. Cahalan: "Re: Ke: Ke: Process Capabilities on 2.2.16, Sendmail problem revisited"
Reply: Albert D. Cahalan: "Re: Ke: Ke: Process Capabilities on 2.2.16, Sendmail problem revisited"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

>> Granted the setuid bit disables the elfcap, unless run as root....
>
>The "unless run as root" part need not be true. There are many ways
>to deal with that:
>
>a. the check is NOT for UID alone; the setuid bit MUST be set
>b. panic the kernel if a buggy UID 0 process tries this trick
>c. anything else, since no process should have UID 0
>
>As I recall, method "a" is actually implemented.

I do not think so., but I don't have sources handy... [writting in tramway on machine with 12MB disk]

Pavel

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pavel Machek: "Re: Ke: Floppy Handling"
Previous message: Pavel Machek: "Where is tty interface from serial console?"
Next in thread: Albert D. Cahalan: "Re: Ke: Ke: Process Capabilities on 2.2.16, Sendmail problem revisited"
Reply: Albert D. Cahalan: "Re: Ke: Ke: Process Capabilities on 2.2.16, Sendmail problem revisited"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Jun 23 2000 - 21:00:16 EST