Re: [security]: kernel ioctl()'s [3]

Chris Evans (chris@ferret.lmh.ox.ac.uk)
Fri, 2 Jul 1999 00:19:29 +0100 (GMT)


On Fri, 2 Jul 1999, Alan Cox wrote:

> I think it's out of the question for 2.2, too much software knows it can
> write to users files as root. You've just broken that unix tradition (quite

The patch _doesn't_ allow normal users to use immutable. I agree such
would be suicide.

The fix is that _IF_ a user has CAP_IMMUTABLE, we restrict their changes
to files they own. Without the patch, a user with CAP_IMMUTABLE can change
flags on any file on the system.

Chris
