Re: [RFC] [PATCH] file posix capabilities
From: Casey Schaufler
Date: Sat Aug 19 2006 - 13:06:07 EST
--- Crispin Cowan <crispin@xxxxxxxxxx> wrote:
> > At least some of the Linux capabilities lend
> themselves to easy
> > privilege escalation to gaining other capabilities
> or effectively
> > bypassing them.
> Certainly; cap_sys_admin effectively gives you
> ownership of the machine.
> But that is fundamental to the POSIX Capabilities
> model, and not
> something that Serge can change.
In turn it is fundamental to the curious
granularity of privileged operations in Unix.
I maintain that the real value in the POSIX
capability model derives from seperating the
permission to violate policy from the UID.
Granularity of such privilege is a bonus, and
a matter of considerable debate. DGUX ended
up with over 330 distinct capabilities, while
Irix had (last I looked) 24, and Solaris
came in somewhere between. All these systems
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/