lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 27 Aug 2007 17:17:52 +0200
From:	Adrian Bunk <bunk@...nel.org>
To:	"Serge E. Hallyn" <serge@...lyn.com>
Cc:	Andrew Morgan <morgan@...nel.org>, chrisw@...s-sol.org,
	linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: Re: [2.6 patch] remove securebits

On Mon, Aug 27, 2007 at 10:09:42AM -0500, Serge E. Hallyn wrote:
> Quoting Adrian Bunk (bunk@...nel.org):
> > On Fri, Aug 24, 2007 at 08:50:10PM -0700, Andrew Morgan wrote:
> > > 
> > > FWIW, in the mm kernel, I've actually already removed them when one
> > > configures without capabilities.
> > > 
> > > http://www.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.23-rc3/2.6.23-rc3-mm1/broken-out/v3-file-capabilities-alter-behavior-of-cap_setpcap.patch
> > > 
> > > Other than writing a custom module, so far as I can tell, there is/was
> > > no way to set them anyway.
> > > 
> > > I'd obviously prefer to wait for the mm-merge process to complete and
> > > minimize the churn in this area, but I basically agree that the bits as
> > > implemented are pretty useless in their current form. In a per-process
> > > mode (with filesystem capability support) they are much more useful...
> > 
> > It was in the tree for nine years (sic) without a single user...
> 
> That's because without file capabilities there was no way for a process
> to retain capabilities across exec, so not having a privileged root user
> was simply not workable.
> 
> > Are you only improving a dead horse, or do you also have a rider for the 
> > improved dead horse?
> 
> It will allow process trees to run with strict capabilities, without a
> root user which automatically gains full capabilities.  That wasn't
> possible without file capabilities, since there was no way for processes
> to retain capabilities across exec.  Now that we have file capabilities,
> it is feasible, and it certainly is useful.

I didn't question that the dead horse gets improved, but where's the 
rider?

A user of the improved securebits has to be submitted for inclusion in 
the kernel.

> -serge

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ