Re: ext3 to include capabilities?

Eric W. Biederman (ebiederm+eric@ccr.net)
12 Apr 1999 20:04:57 -0500


>>>>> "DL" == David Lang <dlang@diginsite.com> writes:

DL> -----BEGIN PGP SIGNED MESSAGE-----
DL> For the issue of what would happen with an old kernel there are two
DL> possibilities that have been posted.

DL> 1. using the suid bit everything would work, but you would have
DL> potentially large security holes. (think of lilo being set for just the
DL> capabilities it needs, now when run on an older kernel it is suid root and
DL> anyone can run it not just root)

DL> 2. using one of the many other methods mentioned things would break,
DL> potentially in ways that prevent you from even being able to shutdown the
DL> system (think of shutdown and reboot with capabilities set, you could not
DL> run them)

No. On an old kernel root would still be able to run anything.
Though perhaps only root could do things other users could do in a capability
enhanced system.

Furthermore if you adopted the convention that
a) all enhanced capability binaries must reside on an ext2 partition
b) all enhanced capability binaries would also have the immutable flag set.
c) you ran 'find / -perm -01000 | xargs chmod -t' before going to multi
user mode there would be no security holes.

This relies on the fact that
1) only root can set the ext2 immutable flag in a non capabilities system.
2) even for root chmod -t won't work without clearing the immutable flag first.

DL> option 1 requires care in the transition to avoid security holes, o
yep.
DL> option 2 requires a "flag day" type of change.
Nope.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
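The convention Eric sketches above (mark the enhanced binaries immutable, then sweep the mode bit off before multi-user) depends on every such binary actually carrying the immutable flag; any that do not would simply lose the bit in the sweep. The following shell script is an added example, not code from the original post or from any kernel patch, that audits a tree for files carrying the bit named in the post (sticky, 01000) and reports whether each one is protected by the ext2 immutable flag. It assumes `find` and the `lsattr` tool from e2fsprogs; on a filesystem without ext2-style attributes, or without `lsattr` installed, the flag is reported as `unknown` rather than guessed.

```shell
#!/bin/sh
# Added example (not part of the original post): audit a directory tree
# for files with the sticky bit set (the bit the post proposes clearing
# with 'chmod -t') and report whether the ext2 immutable flag protects
# each one. Assumes lsattr from e2fsprogs; without it, or on a filesystem
# that has no ext2-style attributes, the flag state is reported as unknown.

# Print one line per sticky-bit file: "<path> immutable=<yes|no|unknown>"
audit_sticky() {
    dir=$1
    find "$dir" -type f -perm -1000 2>/dev/null | while IFS= read -r f; do
        # lsattr prints a flag string such as "----i---------e-------" first;
        # an 'i' in that string means the immutable flag is set.
        flags=$(lsattr "$f" 2>/dev/null | awk '{print $1}')
        case "$flags" in
            "")   imm=unknown ;;   # lsattr missing or fs without ext attrs
            *i*)  imm=yes ;;
            *)    imm=no ;;
        esac
        printf '%s immutable=%s\n' "$f" "$imm"
    done
}

# Count the sticky-bit files under $1 that are known NOT to be immutable.
# These are the ones a blanket 'chmod -t' sweep would silently strip, so
# they should be fixed (chattr +i) before the sweep is run.
count_unprotected() {
    audit_sticky "$1" | grep -c 'immutable=no$' || true
}
```

Run `audit_sticky /usr/sbin` (or any tree holding the enhanced binaries) as a pre-flight check; a non-zero `count_unprotected` result means the sweep described in the post would not be safe yet.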