| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 17 Apr 2011 23:05:59 +0900 From: crocket <crockabiscuit@...il.com> To: linux-kernel@...r.kernel.org Subject: Linux capabilities shouldn't be lost during setuid to non-root from root or to another non-root uid from a non-root uid. Linux capabilities exist to split root previlege to dozens of subsets of previleges. But after setuid, all linux capabilities gained from a file are gone for good. This becomes a problem with OpenVPN. If I use --mlock option and --user option in OpenVPN, OpenVPN locks memory with mlockall as root and drops to a non-root user specififed by --user option. After dropping to a non-root user, the process loses CAP_IPC_LOCK capability gained from OpenVPN executable which I personally set. Because the process doesn't have CAP_IPC_LOCK capability and its UID isn't 0, further attempts to allocate memory more than "ulimit -l" to openvpn crash OpenVPN. This defeats the purpose of linux capabilities. Linux capabilities exist to give a subset or subsets of previleges to processes whose UID is greater than 0(root). Can somebody provide or merge a patch that prevents linux from losing capabilities after setuid? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists