> > > But then the process will loose its capabilities. What you have
> > > achieved is simply that there are a few things you can't do directly
> > > when you have found a hole in ping. You can still do them indirectly
> > > since you own the UID.
> >
> > No. Look above. elfcap hack allows you not only to loose capabilities,
> > but also set euid back to ruid - so ping command will not really run
> > with euid=0, and you will not be able to do anything - directly or
> > indirectly.
>
> Ahh - suddenly your patch shines :-). It seems like a very useful
I'm glad to hear that ;-)
> hack. If we go for this patch, I guess we need a small extra check
> for CAP_SETFCAP when setting a file suid-root in
Hmm, I guess that is needed for correctness. Well, we can do that
later ;-)
> fs/attr.c:notify_change. Also, I couldn't access the "info & utility
> programs" at the URL listed in the documentation though. Is the URL
> correct?
Yes, but I've copied files just now (sorry).
Pavel
-- I'm really pavel@ucw.cz. Look at http://195.113.31.123/~pavel. Pavel Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/