Re: 2.6.9 kernel oops with openais
From: Chris Wright
Date: Fri Oct 29 2004 - 19:48:30 EST
* Steven Dake (sdake@xxxxxxxxxx) wrote:
> What would be preferrable instead of dropping UID when privleged
> services are needed? more specifically I need
> * CAP_NET_RAW (bindtodevice)
> * CAP_SYS_NICE (setscheduler)
> * CAP_IPC_LOCK (mlockall)
You could drop all but those specific capabilities. But, since you only
seem to need those during startup there's not a huge value in doing
anything other than what you're already doing.
> I had thought about adding the correct code to get these capabilities
> but it still requires a start-from-uid0 environment
Dropping uid is a fine idea, esp. since you have to start from uid 0
to get the bind/setsched/mlock bits done. It just exposes a case where
the mlock change might surprise users, which is why I hope it's not the
common usage pattern (and I think most are root apps, so we should be ok).
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/