Bug 200027
Summary: | Linux Capabilities are Broken | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | starlight | ||||
Component: | kernel | Assignee: | Ernie Petrides <petrides> | ||||
Status: | CLOSED WORKSFORME | QA Contact: | Brian Brock <bbrock> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 4.0 | CC: | jbaron | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2006-11-14 00:34:05 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
starlight
2006-07-24 21:34:23 UTC
Ack! I see it's broken by design. I guess since capabilities never caught on (too complex for the typical SA), they decided to break it rather than correct the security holes that were uncovered. Here's some info for others that trip over this bug report: http://www.gossamer-threads.com/lists/engine?do=post_view_printable;post=562021;list=linux Hi, David. While I was unable to view the link in comment #1, I can understand why some people view Linux's resetting of a task's capability mask on exec() as an undesirable implementation. However, it is possible to use capabilities constructively under Linux. The basic idea is that an application must be setuid-to-root, and then that app should downgrade its capabilities to its minimum required set. I'll attach a code segment for demonstrating this in the next comment. Created attachment 141124 [details]
demonstration of downgrading capabilities for setuid-to-root program
|