Stealing capabilities possible?

Topi Miettinen (Topi.Miettinen@medialab.sonera.fi)
Sat, 06 Mar 1999 15:09:51 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: kuznet@ms2.inr.ac.ru: "Re: Funny ARP behavior on 2.2.2"
Previous message: Meelis Roos: "loop mount via nfs?"

Looking at the sources, it would seem that it is possible for a process
without some desired capabilities (e.g. CAP_SYS_MODULE) to modify execution
(using ptrace, signals, /proc etc) of another process with those
capabilities but with the same uid.

Would this look like possible fix:
-allow if (current->uid == child->euid)...
+allow if (current->uid == child->euid &&
cap_issubset(child->cap_permitted, current->cap_permitted)...

-Topi

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: kuznet@ms2.inr.ac.ru: "Re: Funny ARP behavior on 2.2.2"
Previous message: Meelis Roos: "loop mount via nfs?"