Re: Linux capabilities shouldn't be lost during setuid to non-rootfrom root or to another non-root uid from a non-root uid.

From: crocket
Date: Mon Apr 18 2011 - 11:02:27 EST


I have several questions.

1) How do I set SECBIT_NO_SETUID_FIXUP?

2) Is there any reason to unset SECBIT_NO_SETUID_FIXUP by default?

On Mon, Apr 18, 2011 at 5:28 PM, Serge E. Hallyn <serge@xxxxxxxxxx> wrote:
> Quoting crocket (crockabiscuit@xxxxxxxxx):
>> I don't like the fact that an application should be linux-specific to
>> keep capabilities after setuid.
>> If users added capabilities to a file, they would know what they were
>> doing, and they would want applications to keep capabilities even
>> after setuid.
>
> Alternatively, you could call the program using a wrapper which first
> sets the SECBIT_NO_SETUID_FIXUP securebit, after which setuid would
> not trigger any capability changes.
>
> -serge
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/