Menu
▾
▴
Re: [uml-devel] cap-bound not working in uml
|
From: Blaisorblade <bla...@ya...> - 2006-07-16 10:31:49
|
On Saturday 15 July 2006 17:23, Frank v Waveren wrote:
> I was trying to limit some unecessary capabilities in a UML instance
> with /proc/sys/kernel/cap-bound, but it turned out not to take.
To remove capabilities from the whole system (i.e. all processes) the
recommended way wasn't to use lcap (or a similar program bundled with
libcap)?
> The source of the problem (or at least something a bit of the way up
> the garden path of the problem) is at security/commoncap.c:140 at the
> top of cap_bprm_apply_creds(bprm, unsafe):
>
> void cap_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
> {
> /* Derived from fs/exec.c:compute_creds. */
> kernel_cap_t new_permitted, working;
>
> new_permitted = cap_intersect (bprm->cap_permitted, cap_bset);
> working = cap_intersect (bprm->cap_inheritable,
> current->cap_inheritable);
> new_permitted = cap_combine (new_permitted, working);
> ...
>
> Here the new permitted set gets limited to the bits in cap_bset, which
> is as it should be, but then the intersection of the of the current
> and exec inheritable masks get added to that set, whereas as I
> understand it, cap_bset should always be the bounding set.
>
> I've tried commenting out that bit and everything worked as I'd hoped
> (I haven't done extensive testing, but bounding the caps worked, as
> did suids and such).
>
> That doesn't explain why it works with those lines left in on a
> non-UML kernel though, so I assume I'm missing something fundamental.
>
> (My guest kernel is
> Linux version 2.6.16.24 (fv...@ju...) (gcc version 4.0.3 20051201
> (prerelease) (Debian 4.0.2-5)) #3 Sat Jul 15 16:54:20 CEST 2006
> , should it matter)
--
Inform me of my mistakes, so I can keep imitating Homer Simpson's "Doh!".
Paolo Giarrusso, aka Blaisorblade
http://www.user-mode-linux.org/~blaisorblade
Chiacchiera con i tuoi amici in tempo reale!
http://it.yahoo.com/mail_it/foot/*http://it.messenger.yahoo.com
|