>>> Execution should fail when the new capabilities (after calculation) are
>>> not enough to do everything the executable needs to do. If execution
>>> can proceed, the user has selective control over system call failures.
>>
>> Ever heard of a chap called Alan Turing?
>
> It's more than the halting problem; to do what Albert suggested in the
> general case would require a solution to the halting problem *and* a
> functioning time machine.
What the hell? I mark the executable with what it needs:
$ mark-min-cap a.out CAP_CHOWN CAP_NET_ADMIN
I then run the executable. If the capability calculation does not
give the process CAP_CHOWN and CAP_NET_ADMIN, execution fails.
This is really basic bit operations and bit testing, like this:
new_pP = old_fP | (old_fI & old_pI);
if(min_pP & ~new_pP) return -EPERM;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/