Re: caps in elf, next itteration (the hack get's bigger)

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Juanjo Ciarlante: "Re: Portforwarding reboots machine on 2.2.3"
• Previous message: Arni Raghu: "size of network backlog queue..."
• Maybe in reply to: David L. Parsley: "caps in elf, next itteration (the hack get's bigger)"
• Next in thread: Horst von Brand: "Re: caps in elf, next itteration (the hack get's bigger)"

[...]

> If you really want to completely remove UID=0 tests from the kernel,
> then we have to put caps into the FS as metadata, because using the
> sticky bit on ordinary user files is too insecure. At the moment the
> debate is about ELF cap headers and whether to use suid-root or the
> sticky bit as the magic flag. In that debate, I think suid-root wins
> by default.

Bingo!

-- 
Dr. Horst H. von Brand                       mailto:vonbrand@inf.utfsm.cl
Departamento de Informatica                     Fono: +56 32 654431
Universidad Tecnica Federico Santa Maria              +56 32 654239
Casilla 110-V, Valparaiso, Chile                Fax:  +56 32 797513

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Juanjo Ciarlante: "Re: Portforwarding reboots machine on 2.2.3"
• Previous message: Arni Raghu: "size of network backlog queue..."
• Maybe in reply to: David L. Parsley: "caps in elf, next itteration (the hack get's bigger)"
• Next in thread: Horst von Brand: "Re: caps in elf, next itteration (the hack get's bigger)"