Re: file effective and process inheritable mask

Y2K (y2k@y2ker.com)
Mon, 26 Apr 1999 09:06:57 -0700 (PDT)


On Mon, 26 Apr 1999, Horst von Brand wrote:
> "David L. Parsley (lkml account)" <kparse@salem.k12.va.us> said:
> How about passing _only_ the caps in effect when doing an exec(2) to the
> child, fI on that allowing? This gives the effect of fM, but finer-grained.
Thats close to what I want(restricting on pP). Restricting on pE doesn't
work in the legacy situation ruid=0 euid=5, do an exec, then child decides
to flip the two uids and bam thats when you figure out it can't restore
the caps it should have inherited. SECURE_NO_SETUID_FIXUP still needs to
be unset for awhile.
> It would almost always be "none at all": Witness "foo --version"
almost always , but maybe not *always* . I have *some* support for that in
my patch already. It seemed cheap enough to do. Famous last words;->
I should release latest version to the list soon. Actually I should really
look into getting some place to host it. If I can find someone who doesn't
mind some of the controversy I seem to be generating around this issue.

--
Warning:
When I mention capabilites I mean "soiled" capabilities not "pure draft".
Any caps I mention are *derived* from a withdrawn draft posix document.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/