Re: Subject: Re: ext3 to include capabilities?

David Ford (unknown@riverstyx.net)
Fri, 2 Apr 1999 19:39:06 -0800 (PST)

It's not really just about editing the password file though, is it?
After all, if I have write access to all of root's other files, I can just
make a cron job that dumps in an extra user to /etc/passwd, or any number
of other possibilities... adding a capability for filesystem access to
root's files would likely be more useful than just CAP_EDIT_PASSWD.

---
tani hosokawa
river styx internet




On Sat, 3 Apr 1999, Richard Gooch wrote:


> Meelis Roos writes:
> > ADC> if(setuid){
> > ADC>   if(root_owned && cap_header) use_cap_header();
> > ADC>   else use_setuid_bit();
> > ADC> }
> > 
> > But here root is still special. Somebody who has the permissions to
> > create users may create a root user or change root's password and thus
> > gain access to root and then to everything?
> 
> The capability to create users is the capability to edit /etc/passwd.
> That implies being able to create root users. This has nothing to do
> with Albert's scheme.
> 
> A correct administration tool which has CAP_EDIT_PASSWD will prevent
> creating root users unless CAP_GOD is set.




-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/