Re: [RFC] Capabilities still can't be inherited by normal programs

From: Kees Cook
Date: Mon Dec 10 2012 - 15:17:05 EST

Next message: J. Bruce Fields: "Re: [PATCH 0/8] nfsd: make service created per net"
Previous message: Hodukoma: "Fund transfer."
In reply to: Andy Lutomirski: "Re: [RFC] Capabilities still can't be inherited by normal programs"
Next in thread: Andy Lutomirski: "Re: [RFC] Capabilities still can't be inherited by normal programs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Dec 10, 2012 at 11:55 AM, Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> Write a daemon. Rig up wrappers for each setuid program to instead
> call into that daemon and have that daemon invoke the privileged
> program on behalf of the caller, with a sanitized environment. Be
> annoyed by a few items on the "linux plumber's wish list" that make
> this rather difficult right now.

FWIW, this is something we'd like to do in Chrome OS. Dealing with
fs-attrs has traditionally been a pain, so this kind of simple passing
down of privilege would be much nicer. It means we'd have a
programmatic way to decide what privs a helper has, rather than having
to represent it in some way on-disk.

-Kees

--
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: J. Bruce Fields: "Re: [PATCH 0/8] nfsd: make service created per net"
Previous message: Hodukoma: "Fund transfer."
In reply to: Andy Lutomirski: "Re: [RFC] Capabilities still can't be inherited by normal programs"
Next in thread: Andy Lutomirski: "Re: [RFC] Capabilities still can't be inherited by normal programs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]