Re: immutable flag on ext2fs

Chris Evans (chris@ferret.lmh.ox.ac.uk)
Tue, 22 Jun 1999 13:45:24 +0100 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Geert Uytterhoeven: "Re: [linux-fbdev] Re: bug in fbmem.c,"
Previous message: Chris Evans: "Re: immutable flag on ext2fs"

On Tue, 22 Jun 1999, Domas Mituzas wrote:

...

> So even root will not be able to remove immutable flags with this kernel.
> Or there are more funny things... adding right here CAP_NET_RAW will
> disable ability to run sniffers (and sending ping).

Root can remove the immutable flag indirectly with any of the following
capabilities and/or write accesses

1) CAP_RAW_IO
2) CAP_MODULE
3) write permission to the raw block device

> /* Allow ptrace() of any process */
> #define CAP_SYS_PTRACE 19
>
> huh, noone will able to trace processes.

No. No-one will be able to trace processes they don't own.

Chris

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Geert Uytterhoeven: "Re: [linux-fbdev] Re: bug in fbmem.c,"
Previous message: Chris Evans: "Re: immutable flag on ext2fs"