lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <46252471.2030006@tls.msk.ru>
Date:	Tue, 17 Apr 2007 23:48:01 +0400
From:	Michael Tokarev <mjt@....msk.ru>
To:	linux-kernel@...r.kernel.org
Subject: Wondering: why capabilities system is broken?

Hopefully not a flamewar question...

Currently, capabilities of a process are reset during exec()
system call.  At least effective+permitted set.

1) In case new uid != 0, all the caps are cleared, so it is not
possible to execute a program as non-root but still give it some
capabilities (like, say, CAP_NET_BIND_SERVICE).

2) In case new uid == 0, effective and permitted sets are restored
to all-ones.

This is regardless of other settings, like prctl(KEEPCAPS), or
the current set of capabilities.

I partly understand why 2) is done - in case of setuid binary being
executed, all the capabilities are set for it.  But this breaks
executing non-setuid binaries too -- for example, it'd be very nice
to be able to chroot to some directory, and remove CAP_SYS_CHROOT
(and other evil caps like CAP_SYS_MODULE, CAP_SETPCAP) -- this way,
with minimal efforts, chroot will work almost (yes, I understand
it's not entirely the same) the same as BSD jail(2) concept.

So the question is: why capability sets are being reinitialized during
exec()?  At least in 2.4 era, they weren't...  and stuff like
execcap, sucaps etc was working.  Now they aren't anymore.

Thanks.

/mjt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ