> if 'ping' is setuid root and the first thing say ping.c does is:
>
> drop_cap(ALL_BUT_RAWSOCKET);
Yes this is good isn't it. Note that traceroute's a better example; ping
for linux already does:
main()
fd = socket(SOCK_RAW ...)
setuid(getuid());
rlogin, rsh, dump, restore, even lpr, lprm, lpq, etc. all benefit a
similar way with
drop_cap(ALL_BUT_BIND_TO_LOW_PORT);
Chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu