caps in elf headers: use the sticky bit!

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Andrea Arcangeli: "Re: [RFC] set_blocksize() oddity."
• Previous message: Gregory Maxwell: "Re: [PATCH] Capabilities, this time in elf section"
• Next in thread: Horst von Brand: "Re: caps in elf headers: use the sticky bit!"
• Maybe reply: Horst von Brand: "Re: caps in elf headers: use the sticky bit!"

- To set the cap flag, a user (process) needs CAP_SETFCAP raised, and the
kernel (besides the normal fs checks) validates the cap headers as well
for legality. (this also applies to creating files with this flag raised;
i.e., through a copy operation)
- While the cap flag is set, the file is immutable, so the file owner
can't edit the file directly to raise caps.
- A file that is both setuid root and capability enabled has only those
capabilities granted in conjuction w/ the headers; if it's only setuid
root, the kernel can (as a configurable option?) treat it as before and
raise all caps.

This can bring us _really_ close to true capabilities support,
while avoiding the ugly hack of also storing uid + suid bit in the elf
headers.

thoughts?

- --
David L. Parsley
Network Specialist
City of Salem Schools

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Andrea Arcangeli: "Re: [RFC] set_blocksize() oddity."
• Previous message: Gregory Maxwell: "Re: [PATCH] Capabilities, this time in elf section"
• Next in thread: Horst von Brand: "Re: caps in elf headers: use the sticky bit!"
• Maybe reply: Horst von Brand: "Re: caps in elf headers: use the sticky bit!"