Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken for some configs, e.g. CONFIG_SECURITY_SELINUX

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Serge E. Hallyn

Subject: Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken for some configs, e.g. CONFIG_SECURITY_SELINUX

Date: Monday, June 9, 2008 - 10:17 am

Quoting Andrew Morton (akpm@linux-foundation.org):
quoted text> On Sun, 08 Jun 2008 15:34:44 -0700 Andrew Morgan <morgan@kernel.org> wrote:
> 
> > | On Sun, 08 Jun 2008 08:10:26 -0700 Andrew Morgan <morgan@kernel.org>
> > wrote:
> > |
> > |> Nacked-by: Andrew G. Morgan <morgan@kernel.org>
> > |>
> > |> In a configuration in which you are not using capabilities, what is the
> > |> "keep capabilities" operation supposed to do? Lie to you?
> > |>
> > |> http://bugzilla.kernel.org/show_bug.cgi?id=10748
> > |
> > | I totally agree with comment 11 there. Quite a number of people have
> > already
> > | hit this and more surely will.  How can we help them (and hence us)?
> >
> > What do people think about comment #8 from Stephen Smalley?:
> > 
> > The dummy module is generally in the untenable position of having to lie
> > to userspace or break the existing capability-related system call
> > interface.  It should just go away, and make capability the default
> > module (w/ stubs for the rest of the LSM hooks as with dummy).  Then
> > CONFIG_SECURITY=n will yield the same result as CONFIG_SECURITY=y w/o
> > any further options.
> 
> (removed pgp crap, undid top-posting.  Your emails are very hard to reply to)
> 
> It's a fine comment, but I am not knowledgeable enough in this area to
> say whether it's a desirable thing to do for 2.6.26.
> 
> I fear that nothing will happen, and we'll end up wasting a lot of
> peoples' time sending hey-why-did-my-dhcp-break reports.

If we decide to get rid of dummy long-term, then it's far less
distasteful to have it lie and claim the keepcaps worked in the
meantime.

So for 2.6.26 we could have dummy lie, then plan to make capabilities
the default for 2.6.27?

-serge
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken fo ..., Dmitry Adamushko, (Sun Jun 8, 6:38 am)

Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken fo ..., Andrew Morgan, (Sun Jun 8, 8:10 am)

Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken fo ..., Andrew Morton, (Sun Jun 8, 11:06 am)

Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken fo ..., Andrew Morgan, (Sun Jun 8, 3:34 pm)

Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken fo ..., Andrew Morton, (Sun Jun 8, 4:39 pm)

Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken fo ..., Serge E. Hallyn, (Mon Jun 9, 10:17 am)

[PATCH] bugfix: was Re: [ linus-git ] prctl(PR_SET_KEEPCAP ..., Andrew G. Morgan, (Mon Jun 9, 9:26 pm)

Re: [PATCH] bugfix: was Re: [ linus-git ] prctl(PR_SET_KEE ..., Andrew Morton, (Mon Jun 9, 10:21 pm)

Re: [ linus-git ] prctl(PR_SET_KEEPCAPS, ...) is broken fo ..., Chris Wright, (Tue Jun 10, 9:12 am)

Re: [PATCH] bugfix: was Re: [ linus-git ] prctl(PR_SET_KEE ..., Serge E. Hallyn, (Tue Jun 10, 12:12 pm)

Re: [PATCH] bugfix: was Re: [ linus-git ] prctl(PR_SET_KEE ..., Chris Wright, (Tue Jun 10, 12:14 pm)

Re: [PATCH] bugfix: was Re: [ linus-git ] prctl(PR_SET_KEE ..., Andrew G. Morgan, (Tue Jun 10, 5:37 pm)

Re: [PATCH] bugfix: was Re: [ linus-git ] prctl(PR_SET_KEE ..., Andrew G. Morgan, (Tue Jun 10, 5:39 pm)

Re: [PATCH] bugfix: was Re: [ linus-git ] prctl(PR_SET_KEE ..., Dmitry Adamushko, (Wed Jun 11, 7:21 am)

Navigation

Popular discussions


linux-kernel:
FUJITA Tomonori	Re: [Scst-devel] Integration of SCST in the mainstream Linux kernel
Rafael J. Wysocki	[Bug #11287] Regression in 2.6.27-rc2 in acpi_processor_init()
Ingo Molnar	Re: [PATCH] x86: silence section mismatch warning - uv_cpu_init
Ingo Molnar	Re: [GIT PULL] time.c - respin
Paul E. McKenney	Re: [PATCH, RFC] v7 scalable classic RCU implementation
git:
Mark Junker	git on MacOSX and files with decomposed utf-8 file names
Junio C Hamano	Re: git-svnimport
Junio C Hamano	Re: [PATCH] Detached HEAD (experimental)
Johannes Schindelin	Re: [PATCH] Fix approxidate("never") to always return 0
A Large Angry SCM	Re: [RFC] origin link for cherry-pick and revert
linux-netdev:
Arnaldo Carvalho de Melo	Re: [PATCH 06/37] dccp: Limit feature negotiation to connection setup phase
Gerrit Renker	[PATCH 1/5] dccp: Initialisation framework for feature negotiation
Daniel Lezcano	getsockopt(TCP_DEFER_ACCEPT) value change
David Miller	Re: 2.6.27.18: bnx2/tg3: BUG: "scheduling while atomic" trying to ifenslave a seco...
Gerrit Renker	[PATCH 37/37] dccp: Debugging functions for feature negotiation
git-commits-head:
Linux Kernel Mailing List	ath9k_htc: Allocate URBs properly
Linux Kernel Mailing List	powerpc/kexec: Add support for FSL-BookE
Linux Kernel Mailing List	timer: Try to survive timer callback preempt_count leak
Linux Kernel Mailing List	V4L/DVB (8976): af9015: Add USB ID for AVerMedia A309
Linux Kernel Mailing List	ARM: 5670/1: bcmring: add default configuration for bcmring arch
openbsd-misc:
Stephen J. Bevan	GRE over IPsec
Christophe Rioux	Implementation example of snmp
Nick Holland	Re: booting openbsd on eee without cd-rom
Cabillot Julien	Re: OpenBSD isakmpd and pf vs Cisco PIX or ASA
Guido Tschakert	Re: what exactly is enc0?

Colocation donated by:

Syndicate