Re: RFC: Security feature: partly prohibit process uid-changing

Jan Kara (jack@atrey.karlin.mff.cuni.cz)
Sun, 28 Feb 1999 16:37:59 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Dan Srebnick: "Re: ppp mru/mtu and ip masquerading"
Previous message: Alan Cox: "Re: 2.2.2: Freeze (possible kb failure)"

> How about implementing a new field in the process structure, which gives
> the SMALLEST possible uid for this process? standard would be 0, but could
> be raised by all|root to any other value, maybe root could want lower it too.
>
> that would primarily be used in servers, where e.g. after a setreuid() the
> uid should NEVER AGAIN become 0 (chroot() environments). this flag would be
> given to the children too.
> that should prohibit use of SETUID programs too ...
I'm not very much experienced in this area so please forgive me if I'm
wrong but AFAIK there are capabilities in linux which should allow
programs to do some privileged actions even if they are non-root ones. So
there should be no need for most programs to be SUID and so this feature
wouldn't be much useful...

Honza.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dan Srebnick: "Re: ppp mru/mtu and ip masquerading"
Previous message: Alan Cox: "Re: 2.2.2: Freeze (possible kb failure)"