Re: Secure-linux and standard kernel

Rik van Riel (H.H.vanRiel@phys.uu.nl)
Fri, 26 Jun 1998 06:46:34 +0200 (CEST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Rik van Riel: "Re: Thread implementations..."
Previous message: MOLNAR Ingo: "Re: Thread implementations..."
In reply to: Marsh Ray: "Re: Y2K"

On Thu, 25 Jun 1998, Horst von Brand wrote:
> Rik van Riel <H.H.vanRiel@phys.uu.nl> said:
>
> [...]
>
> > This would probably be the best solution possible. We can
> > have capabilities in the executable itself (tunable with
> > some utility?) without needing support inside the filesystems.
>
> With just some tiny proggie I change my files at will, and make them SUID
> root? And we don't honor SUID anymore, breaking POSIX?

if (file_is_suid_root()) {
p->euid = 0;
if (file_has_capabilities_support()) {
p->euid = p->uid;
p->capabilities = get_caps_from_file();
}
}

I believe this has answered your question :)

Rik.
+-------------------------------------------------------------------+
| Linux memory management tour guide. H.H.vanRiel@phys.uu.nl |
| Scouting Vries cubscout leader. http://www.phys.uu.nl/~riel/ |
+-------------------------------------------------------------------+

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu

Next message: Rik van Riel: "Re: Thread implementations..."
Previous message: MOLNAR Ingo: "Re: Thread implementations..."
In reply to: Marsh Ray: "Re: Y2K"