| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20121210143609.GB8137@sergelap> Date: Mon, 10 Dec 2012 08:36:09 -0600 From: Serge Hallyn <serge.hallyn@...onical.com> To: "Andrew G. Morgan" <morgan@...nel.org> Cc: Andy Lutomirski <luto@...capital.net>, "Serge E. Hallyn" <serge@...lyn.com>, Casey Schaufler <casey@...aufler-ca.com>, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, Kees Cook <keescook@...omium.org>, James Morris <james.l.morris@...cle.com>, Eric Paris <eparis@...hat.com>, "Serge E. Hallyn" <serge@...onical.com>, Markku Savela <msa@...h.iki.fi> Subject: Re: [RFC] Capabilities still can't be inherited by normal programs Quoting Andrew G. Morgan (morgan@...nel.org): > > It breaks down because, currently, users with nonzero pI have no > > direct ability to wield the capabilities. That means that every > > single binary with fI bits set needs to be as careful as a setuid-root > > binary to avoid leaking privilege to the caller. (Obviously, binaries > > with fP set need to be careful. IMO binaries with only fI set should > > not need to exercise any particular care to defend themselves from > > their callers.) > > True. Uh, I disagree. Not true. (I suspect Andrew meant True to the first two sentences, not the last parenthesized one?) -serge -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists