Re: Ke: Process Capabilities on 2.2.16, Sendmail problem revisited

From: Pollei (sjp@toolbuilders.com)
Date: Thu Jun 15 2000 - 15:43:43 EST


On Thu, 15 Jun 2000, Jesse Pollard wrote:
>
> > By your criteria, any file at all is a trojan. One of your crazy
> > admins might look at /bin/rm and think, "hey, that needs to be
> > able to delete any file, so I'll just grant it DAC override".
>
> Any file COULD be a trojan. Those files with capabilities set via elfcap
                                                           ^^^^^^^^^^^^^^^
elfcap only *unsets*, it never *sets*.
Don't mark it suid or run it with caps already set high and you should
have no problems. The only problem you might have with unsetting is the
partial privileges with legacy/buggy software. That can be helped a little
by encoding in the elf cap a minimum mask and if the executable can't get
that maybe encode in it to either return -EPERM, or drop all caps so you
are at null.
However, if they had write permissions on the file I strongly doubt that
they would even try and drop caps, they would just take what they get and
put code in there to do the most with what you have given them.
> capabilities are MORE LIKELY to be a trojan. This is an increase in risk.
>
> Obviously you've never had to audit a system in detail. It takes a LONG time
> to do.
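
The mask-only-unsets rule and the minimum-mask fallback described in the message above, modelled as an added example that is not part of the original post and is not elfcap's code. The struct layout, field names and policy enum are assumptions; only the capability bit positions come from linux/capability.h.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Bit positions follow linux/capability.h; the rest is a constructed model. */
#define CAP_DAC_OVERRIDE     (1u << 1)
#define CAP_SETUID           (1u << 7)
#define CAP_NET_BIND_SERVICE (1u << 10)

enum shortfall_policy { FAIL_EPERM, DROP_ALL };

/* Hypothetical per-executable note; field names are assumptions. */
struct elf_caps {
    uint32_t keep_mask;            /* caps the binary keeps; all others are unset */
    uint32_t min_mask;             /* caps it cannot run correctly without */
    enum shortfall_policy policy;  /* what to do when min_mask is not met */
};

/* Computes the capability set after exec. Returns 0 or -EPERM. */
int apply_elf_caps(uint32_t inherited, const struct elf_caps *ec, uint32_t *out)
{
    uint32_t result = inherited & ec->keep_mask;   /* AND can clear bits, never set them */

    if ((result & ec->min_mask) != ec->min_mask) { /* partial privilege detected */
        if (ec->policy == FAIL_EPERM)
            return -EPERM;                         /* refuse to start half-privileged */
        result = 0;                                /* or run with the null set */
    }
    *out = result;
    return 0;
}

int main(void)
{
    struct elf_caps daemon = { CAP_SETUID | CAP_NET_BIND_SERVICE,
                               CAP_SETUID | CAP_NET_BIND_SERVICE, FAIL_EPERM };
    /* Constructed callers: full set, partial set, no capabilities. */
    uint32_t callers[] = { 0xffffffffu, CAP_NET_BIND_SERVICE | CAP_DAC_OVERRIDE, 0 };
    uint32_t out;

    for (int i = 0; i < 3; i++) {
        int rc = apply_elf_caps(callers[i], &daemon, &out);
        if (rc == 0)
            printf("inherited %#x -> runs with %#x\n", (unsigned)callers[i], (unsigned)out);
        else
            printf("inherited %#x -> exec refused (%d)\n", (unsigned)callers[i], rc);
    }
    return 0;
}
```

Because the result is always `inherited & keep_mask`, a tampered `keep_mask` can at most stop dropping capabilities the caller already held; it cannot add one.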
