lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 08 Aug 2008 13:31:51 +0300
From:	Markku Savela <msa@...h.iki.fi>
To:	linux-kernel@...r.kernel.org
Subject: Radical idea? Remove all automatic privilege escalation base on executable file attributes!


That is, remove

 - setuid/setgid feature from Linux

 - cancel the capability attributes in files (or only only allow
   downgrading of capabilities)

(e.g. mount everything as nosuid or something, but eventually, the
code could be removed from the kernel)

The only way to escalate privileges would be to request starting of
the executable by some daemon (like upstart), which would grant or
deny the request based totally on some user space policies.

If granted,

 - would fork
 - child would setup the specified credentials to self
 - execve (or equivalent)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ