Re: LSM conversion to static interface | KernelTrap

Re: LSM conversion to static interface

view
thread

!MAILaRCHIVE_VOTE_RePLACE

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Jan Engelhardt <jengelh@...>

To: Serge E. Hallyn <serge@...>

Cc: Giacomo Catenazzi <cate@...>, Linus Torvalds <torvalds@...>, Andreas Gruenbacher <agruen@...>, Thomas Fricaccia <thomas_fricacci@...>, Linux Kernel Mailing List <linux-kernel@...>, James Morris <jmorris@...>

Subject: Re: LSM conversion to static interface

Date: Tuesday, October 23, 2007 - 11:28 am

On Oct 23 2007 10:20, Serge E. Hallyn wrote:
quoted text>
>Once the per-process capability bounding set is accepted
>(http://lkml.org/lkml/2007/10/3/315) you will be able to do something
>like:
>
>	1. Create user 'jdoe' with uid 0

UID 0 is _not_ acceptable for me.

quoted text>	2. write a pam module which, when jdoe logs in, takes
>	   CAP_NET_ADMIN out of his capability bounding set
>	3. Now jdoe can log in with the kind of capabilities subset
>	   you describe.

It is not that easy.
CAP_DAC_OVERRIDE is given to the subadmin to bypass the pre-security
checks in kernel code, and then the detailed implementation of
limitation is done inside multiadm.
This is not just raising or lowering capabilities.

quoted text>It's not a perfect solution, since it doesn't allow jdoe any way at all
>to directly execute a file with more caps (setuid and file capabilities
>are subject to the capbound).  So there is certainly still a place for
>multiadm.

A normal user can execute suid binaries today, and so can s/he with mtadm.
I do not see where that will change - it does not need any caps atm.
-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: LSM conversion to static interface, Linus Torvalds, (Wed Oct 17, 10:18 pm)

Re: Re: LSM conversion to static interface, Crispin Cowan, (Sun Oct 21, 9:12 pm)

Re: LSM conversion to static interface, Andreas Gruenbacher, (Fri Oct 19, 4:26 pm)

Re: LSM conversion to static interface, James Morris, (Fri Oct 19, 5:07 pm)

Re: LSM conversion to static interface, Linus Torvalds, (Fri Oct 19, 4:40 pm)

Re: LSM conversion to static interface, Jan Engelhardt, (Sat Oct 20, 7:05 am)

Re: LSM conversion to static interface, James Morris, (Sat Oct 20, 6:57 pm)

Re: LSM conversion to static interface, Jan Engelhardt, (Tue Oct 23, 5:13 am)

Re: LSM conversion to static interface [revert patch], Arjan van de Ven, (Tue Oct 23, 12:09 am)

Re: LSM conversion to static interface [revert patch], James Morris, (Tue Oct 23, 12:56 am)

Re: LSM conversion to static interface [revert patch], Arjan van de Ven, (Tue Oct 23, 12:57 am)

Re: LSM conversion to static interface [revert patch], Chris Wright, (Tue Oct 23, 1:16 am)

Re: LSM conversion to static interface [revert patch], Jeremy Fitzhardinge, (Tue Oct 23, 8:31 pm)

Re: LSM conversion to static interface [revert patch], Arjan van de Ven, (Wed Oct 24, 1:06 am)

Linux Security *Module* Framework (Was: LSM conversion to st..., Simon Arlott, (Wed Oct 24, 7:50 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Tetsuo Handa, (Sat Oct 27, 10:08 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Crispin Cowan, (Mon Nov 5, 2:42 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Adrian Bunk, (Wed Oct 24, 8:55 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Simon Arlott, (Wed Oct 24, 2:11 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Adrian Bunk, (Wed Oct 24, 6:31 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Tilman Schmidt, (Thu Oct 25, 7:09 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Greg KH, (Thu Oct 25, 10:56 pm)

Out-of-tree modules [was: Linux Security *Module* Framework], Jan Engelhardt, (Mon Oct 29, 7:51 pm)

Re: Out-of-tree modules [was: Linux Security *Module* Framew..., Lee Revell, (Mon Oct 29, 8:46 pm)

Re: Out-of-tree modules [was: Linux Security *Module* Framew..., Jan Engelhardt, (Mon Oct 29, 9:19 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Tilman Schmidt, (Fri Oct 26, 5:46 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Adrian Bunk, (Fri Oct 26, 7:26 pm)

eradicating out of tree modules (was: : Linux Security *Modu..., Tilman Schmidt, (Sat Oct 27, 10:47 am)

Re: eradicating out of tree modules (was: : Linux Security *..., Adrian Bunk, (Sat Oct 27, 8:55 pm)

Re: eradicating out of tree modules, Tilman Schmidt, (Sun Oct 28, 2:51 pm)

Re: eradicating out of tree modules, Adrian Bunk, (Sun Oct 28, 3:25 pm)

Re: eradicating out of tree modules, Tilman Schmidt, (Mon Oct 29, 8:29 pm)

Re: eradicating out of tree modules, linux-os (Dick Johnson), (Tue Oct 30, 9:11 am)

Re: eradicating out of tree modules, Greg KH, (Tue Oct 30, 11:30 am)

Re: eradicating out of tree modules, Xavier Bestel, (Tue Oct 30, 9:19 am)

Re: eradicating out of tree modules, Stefan Richter, (Sun Oct 28, 5:25 am)

Re: eradicating out of tree modules, Tilman Schmidt, (Sun Oct 28, 8:01 am)

Re: eradicating out of tree modules, Stefan Richter, (Sun Oct 28, 10:37 am)

Re: eradicating out of tree modules, Tilman Schmidt, (Sun Oct 28, 12:55 pm)

Re: eradicating out of tree modules, Simon Arlott, (Sun Oct 28, 10:59 am)

Re: eradicating out of tree modules, Stefan Richter, (Sat Oct 27, 1:31 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Greg KH, (Fri Oct 26, 11:58 am)

eradicating out of tree modules (was: Linux Security *Module..., Tilman Schmidt, (Sat Oct 27, 10:07 am)

Re: eradicating out of tree modules (was: Linux Security *Mo..., Adrian Bunk, (Sat Oct 27, 9:21 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Simon Arlott, (Fri Oct 26, 12:32 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Fri Oct 26, 3:09 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Greg KH, (Fri Oct 26, 11:54 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Simon Arlott, (Thu Oct 25, 7:44 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 24, 6:58 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Chris Wright, (Wed Oct 24, 8:23 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 24, 9:42 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Toshiharu Harada, (Mon Oct 29, 11:23 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Tue Oct 30, 4:40 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Toshiharu Harada, (Tue Oct 30, 5:21 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Crispin Cowan, (Tue Oct 30, 4:50 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Tue Oct 30, 5:27 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Pavel Machek, (Sat Oct 27, 2:22 pm)

Re: Linux Security *Module* Framework, Tilman Schmidt, (Sun Oct 28, 3:42 pm)

Re: Linux Security *Module* Framework, Jan Engelhardt, (Sun Oct 28, 4:46 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Ray Lee, (Wed Oct 24, 8:35 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Bernd Petrovitsch, (Thu Oct 25, 5:19 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Ray Lee, (Thu Oct 25, 12:04 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Bernd Petrovitsch, (Tue Oct 30, 5:41 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Arjan van de Ven, (Thu Oct 25, 1:10 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Alan Cox, (Wed Oct 24, 9:41 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Crispin Cowan, (Sun Oct 28, 6:08 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Arjan van de Ven, (Mon Oct 29, 1:12 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Sun Oct 28, 7:55 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Alan Cox, (Sun Oct 28, 6:50 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., , (Mon Nov 26, 4:42 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Ray Lee, (Thu Oct 25, 2:17 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Pavel Machek, (Sat Oct 27, 2:29 pm)

RE: Linux Security *Module* Framework (Was: LSM conversion t..., Hua Zhong, (Sun Oct 28, 3:05 pm)

RE: Linux Security *Module* Framework (Was: LSM conversion t..., Hua Zhong, (Sun Oct 28, 2:48 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Alan Cox, (Thu Oct 25, 6:21 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., , (Thu Oct 25, 11:45 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Fri Oct 26, 1:44 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., , (Wed Oct 24, 10:11 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Wed Oct 24, 9:26 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Adrian Bunk, (Wed Oct 24, 7:32 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Linus Torvalds, (Wed Oct 24, 7:42 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Chris Wright, (Wed Oct 24, 8:41 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Toshiharu Harada, (Mon Oct 29, 11:37 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Arjan van de Ven, (Wed Oct 24, 10:19 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 24, 9:03 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 2:51 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Crispin Cowan, (Wed Oct 24, 4:18 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 4:46 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 24, 5:29 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Simon Arlott, (Wed Oct 24, 2:59 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 3:04 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., David P. Quigley, (Wed Oct 24, 5:02 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Simon Arlott, (Thu Oct 25, 7:38 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 24, 5:58 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., David P. Quigley, (Wed Oct 24, 6:04 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 5:42 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Serge E. Hallyn, (Wed Oct 24, 5:37 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Kyle Moffett, (Wed Oct 24, 11:50 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., , (Wed Oct 24, 9:50 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 5:51 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., David P. Quigley, (Wed Oct 24, 6:02 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 7:13 pm)

Re: LSM conversion to static interface [revert patch], Chris Wright, (Tue Oct 23, 8:32 pm)

Re: LSM conversion to static interface [revert patch], Jan Engelhardt, (Tue Oct 23, 5:10 am)

Re: LSM conversion to static interface [revert patch], Chris Wright, (Tue Oct 23, 5:13 am)

Re: LSM conversion to static interface [revert patch], Jan Engelhardt, (Tue Oct 23, 5:14 am)

Re: LSM conversion to static interface, Adrian Bunk, (Sun Oct 21, 6:59 pm)

Re: LSM conversion to static interface, Giacomo Catenazzi, (Tue Oct 23, 1:44 am)

Re: LSM conversion to static interface, Jan Engelhardt, (Tue Oct 23, 4:55 am)

Re: LSM conversion to static interface, Serge E. Hallyn, (Tue Oct 23, 11:20 am)

Re: LSM conversion to static interface, Jan Engelhardt, (Tue Oct 23, 11:28 am)

Re: LSM conversion to static interface, Serge E. Hallyn, (Tue Oct 23, 11:34 am)

Re: LSM conversion to static interface, , (Thu Oct 25, 6:23 am)

Re: LSM conversion to static interface, Giacomo A. Catenazzi, (Tue Oct 23, 5:14 am)

Re: LSM conversion to static interface, Jan Engelhardt, (Tue Oct 23, 5:18 am)

Navigation

Popular discussions


linux-kernel:
Alan Cox	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Greg Kroah-Hartman	[PATCH 004/196] Chinese: add translation of SubmittingPatches
Bart Van Assche	Re: Integration of SCST in the mainstream Linux kernel
Andrew Morton	Re: [RFC/PATCH] Documentation of kernel messages
git:

linux-netdev:
Winkler, Tomas	RE: iwlwifi: fix build bug in "iwlwifi: fix LED stall"
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Mark Lord	Re: [BUG] New Kernel Bugs
openbsd-misc:

Colocation donated by:

Who's online

There are currently 5 users and 860 guests online.

Online users

Syndicate