lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 7 Nov 2006 10:43:08 -0600
From:	"Serge E. Hallyn" <serue@...ibm.com>
To:	Stephen Smalley <sds@...ho.nsa.gov>
Cc:	"Serge E. Hallyn" <serue@...ibm.com>, linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org,
	James Morris <jmorris@...ei.org>,
	chris friedhoff <chris@...edhoff.org>,
	Chris Wright <chrisw@...s-sol.org>,
	Andrew Morton <akpm@...l.org>
Subject: Re: [PATCH 1/1] security: introduce file posix caps

Quoting Stephen Smalley (sds@...ho.nsa.gov):
> On Tue, 2006-11-07 at 09:10 -0600, Serge E. Hallyn wrote:
> > Quoting Stephen Smalley (sds@...ho.nsa.gov):
> > > On Mon, 2006-11-06 at 21:45 -0600, Serge E. Hallyn wrote:
> > > > Implement file posix capabilities.  This allows programs to be given
> > > > a subset of root's powers regardless of who runs them, without
> > > > having to use setuid and giving the binary all of root's powers.
> > > 
> > > > diff --git a/include/linux/security.h b/include/linux/security.h
> > > > index b200b98..ea631ee 100644
> > > > --- a/include/linux/security.h
> > > > +++ b/include/linux/security.h
> > > > @@ -53,6 +53,10 @@ extern int cap_inode_setxattr(struct den
> > > >  extern int cap_inode_removexattr(struct dentry *dentry, char *name);
> > > >  extern int cap_task_post_setuid (uid_t old_ruid, uid_t old_euid, uid_t old_suid, int flags);
> > > >  extern void cap_task_reparent_to_init (struct task_struct *p);
> > > > +extern int cap_task_kill(struct task_struct *p, struct siginfo *info, int sig, u32 secid);
> > > > +extern int cap_task_setscheduler (struct task_struct *p, int policy, struct sched_param *lp);
> > > > +extern int cap_task_setioprio (struct task_struct *p, int ioprio);
> > > > +extern int cap_task_setnice (struct task_struct *p, int nice);
> > > >  extern int cap_syslog (int type);
> > > >  extern int cap_vm_enough_memory (long pages);
> > > >  
> > > > @@ -2594,12 +2598,12 @@ static inline int security_task_setgroup
> > > >  
> > > >  static inline int security_task_setnice (struct task_struct *p, int nice)
> > > >  {
> > > > -	return 0;
> > > > +	return cap_task_setnice(p, nice);
> > > >  }
> > > >  
> > > >  static inline int security_task_setioprio (struct task_struct *p, int ioprio)
> > > >  {
> > > > -	return 0;
> > > > +	return cap_task_setioprio(p, ioprio);
> > > >  }
> > > >  
> > > >  static inline int security_task_getioprio (struct task_struct *p)
> > > 
> > > setscheduler change seems to be missing here.
> > 
> > I'm confused - my kernel version already had selinux_task_setscheduler()
> > calling a secondary_ops->task_setscheduler().
> 
> I meant you didn't change the default implementation of
> security_task_setscheduler() to call cap_task_setscheduler() in
> security.h.  For the case where CONFIG_SECURITY is not defined.

Oh, I thought my git tree had gotten messed up.

So I guess that CONFIG_SECURITY_FS_CAPABILITIES should not be dependent
on CONFIG_SECURITY_CAPABILITIES, since the !CONFIG_SECURITY case
actually enables capabilities?

-serge
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ