Re: [PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL
From: Yves-Alexis Perez
Date: Tue Mar 19 2013 - 03:19:40 EST
On lun., 2013-03-18 at 17:32 -0400, Matthew Garrett wrote:
> This patch introduces CAP_COMPROMISE_KERNEL. Holding this capability
> indicates that a process is empowered to perform tasks that may result
> modification of the running kernel. While aimed at handling the
> use-case of Secure Boot, it is generalisable to any other environment
> permitting userspace to modify the kernel is undesirable.
About that, did someone looked at the way securelevel(7) is handled on
OpenBSD? This is more or less the same thing, where there's a desire to
distinguish uid 0 from ring0. They're not using a capability but more a
global state which allows more or less stuff depending on the value
(securelevel=-1 to securelevel=2).
Description: This is a digitally signed message part