I am looking into the Linux Capabilities, which have been part of the kernel since 2.2. There was a security hole which was patched in 2.2.19, and they are used throughout the kernel. Because of this hole it is not possible for one process to change the capabilities of a different process, and calling exec() to load a new application resets the capabilities. However, everything I have read says that if you jump through the right hoops a setuid-root application should be able to drop its capabilities and then setuid to a user level and keep the capabilities that it retained. I am not seeing that behavior on this stock MDK9.1 installation:

UID=501 EffUID=0
PR_SET_KEEPCAPS=0
Now PR_SET_KEEPCAPS=1
cap CAP_NET_RAW = effective SET, permitted SET, inheritable SET
cap CAP_NET_ADMIN = effective SET, permitted SET, inheritable SET
Removed CAP_NET_RAW.
PR_SET_KEEPCAPS=1
cap CAP_NET_RAW = effective CLEAR, permitted CLEAR, inheritable CLEAR
cap CAP_NET_ADMIN = effective SET, permitted SET, inheritable SET
As user:
UID=501 EffUID=501
cap CAP_NET_RAW = effective CLEAR, permitted CLEAR, inheritable CLEAR
cap CAP_NET_ADMIN = effective CLEAR, permitted CLEAR, inheritable CLEAR

I have checked the kernel source and cap_emulate_setxuid() seems to implement the behavior I expect, cap-bounding is only used on exec(), and I cannot see why setting anything in CAP_INIT_INH_SET should make a difference since, as seen above, the bits I am testing are inheritable now. What in MDK9.1 prevents it from working?

--
Richard Urwin
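
The UID-change rules the post relies on, as an added example that is not part of the original post: a user-space C model of how capabilities(7) describes the permitted and effective sets changing across setuid(), with and without PR_SET_KEEPCAPS. The struct and function names are hypothetical, the starting state is constructed from the output above, and the caller is assumed to still hold CAP_SETUID.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Capability bit numbers from <linux/capability.h>. */
#define CAP_NET_ADMIN 12
#define CAP_NET_RAW   13
#define CAP_BIT(n)    (UINT32_C(1) << (n))

struct proc_state {               /* hypothetical model type */
    unsigned ruid, euid, suid;    /* real, effective, saved UID */
    uint32_t permitted, effective;
    bool keep_caps;               /* set by prctl(PR_SET_KEEPCAPS, 1) */
};

/* Model setuid(uid) for a caller that still holds CAP_SETUID (assumption),
 * so real, effective and saved UID all change. */
struct proc_state model_setuid(struct proc_state p, unsigned uid)
{
    bool had_root = p.ruid == 0 || p.euid == 0 || p.suid == 0;
    bool euid_was_root = p.euid == 0;

    p.ruid = p.euid = p.suid = uid;
    if (had_root && uid != 0 && !p.keep_caps)
        p.permitted = p.effective = 0;   /* last root ID gone, no keepcaps */
    if (euid_was_root && uid != 0)
        p.effective = 0;                 /* cleared even with keepcaps */
    if (!euid_was_root && uid == 0)
        p.effective = p.permitted;
    return p;
}

/* Model capset() raising effective bits: only permitted bits may be raised. */
bool model_raise_effective(struct proc_state *p, uint32_t want)
{
    if (want & ~p->permitted)
        return false;                    /* the kernel would return EPERM */
    p->effective |= want;
    return true;
}

int main(void)
{
    /* Constructed state matching the post: UID=501 EffUID=0, CAP_NET_RAW removed. */
    struct proc_state p = {501, 0, 0, CAP_BIT(CAP_NET_ADMIN), CAP_BIT(CAP_NET_ADMIN), true};
    struct proc_state u = model_setuid(p, 501);
    printf("keepcaps=1: permitted=%#x effective=%#x\n", (unsigned)u.permitted, (unsigned)u.effective);
    printf("re-raise CAP_NET_ADMIN: %s\n", model_raise_effective(&u, CAP_BIT(CAP_NET_ADMIN)) ? "ok" : "EPERM");
    p.keep_caps = false;
    u = model_setuid(p, 501);
    printf("keepcaps=0: permitted=%#x effective=%#x\n", (unsigned)u.permitted, (unsigned)u.effective);
    return 0;
}
```

In this model the effective set is empty after the switch even with keepcaps set, so a program has to raise it again with capset(); the permitted set is what keepcaps preserves.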