On Sat, 17 Apr 2010 20:30:02 +0200, Mick wrote about Re: [gentoo-user]
How many ways are there for a user to increase their permissions?:

>On Friday 16 April 2010 23:13:34 Jonathan wrote:
[snip]
>> 4: Linux "Capabilities" or "caps": Which increases permissions on a
>>  per-file basis. e.g. removing SUID from ping and adding CAP_NET_RAW
>> to ping. This is much safer than running the whole program as root.
>>  http://linux.die.net/man/7/capabilities
>
>This is a first for me.  I haven't used it before and it seems it is
>not set up on my box by default.

In fact, POSIX capabilities are a mechanism to *reduce* a program's
permissions, not increase them.

With a default system, any program that needs to do, say, one
privileged operation must be run as root.  The typical example is to
open a service port (i.e., 1023 or lower) rather than an ephemeral port
in the TCP/IP stack.  Such a program receives full root privileges,
which allow it to have full access to the filesystems, modprobe new
drivers into the kernel, etc., etc., even though it only wants to
listen on a service port.

With caps, it is given the capability (CAP_NET_BIND_SERVICE) to open
service ports without regard to the userid under which it is running.
This means that it will *NOT* have permissions to modprobe drivers,
mess about with files arbitrarily, etc.

man 7 capabilities

If you don't have that man page, you will need to emerge libcap.
-- 
Regards,

Dave  [RLU #314465]
======================================================================
dwn...@ntlworld.com (David W Noon)
======================================================================
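To make the point above concrete (a daemon given only CAP_NET_BIND_SERVICE can bind its service port but cannot modprobe), here is an added example that is not code from the post or from libcap: it decodes the CapEff bitmask Linux exposes in /proc/<pid>/status, using bit numbers copied from capabilities(7), and runs it over constructed CapEff lines for a full-root process, a ping that keeps only CAP_NET_RAW, and a daemon that keeps only CAP_NET_BIND_SERVICE.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CAP_NET_BIND_SERVICE 10   /* bind ports below 1024 (capabilities(7)) */
#define CAP_NET_RAW          13   /* raw sockets, what ping needs */
#define CAP_SYS_MODULE       16   /* load/unload kernel modules */

/* "CapEff:\t0000000000000400" -> 0x400. Returns 0 on a malformed line. */
uint64_t cap_mask_from_status_line(const char *line) {
    const char *colon = strchr(line, ':');
    if (colon == NULL) return 0;
    return strtoull(colon + 1, NULL, 16);   /* strtoull skips the tab */
}

int cap_in_mask(uint64_t mask, int cap) {
    return (int)((mask >> cap) & 1ULL);
}

/* Effective set of the running process from /proc/self/status.
 * Returns 0 and fills *out, or -1 where /proc is unavailable. */
int read_effective_caps(uint64_t *out) {
    char line[128];
    FILE *f = fopen("/proc/self/status", "r");
    if (f == NULL) return -1;
    while (fgets(line, sizeof line, f) != NULL) {
        if (strncmp(line, "CapEff:", 7) == 0) { *out = cap_mask_from_status_line(line); fclose(f); return 0; }
    }
    fclose(f);
    return -1;
}

int main(void) {
    /* Constructed CapEff lines: full root, ping with only CAP_NET_RAW, daemon with only CAP_NET_BIND_SERVICE */
    const char *who[]  = { "root (all caps)", "ping +cap_net_raw", "daemon +cap_net_bind_service" };
    const char *caps[] = { "CapEff:\t0000003fffffffff", "CapEff:\t0000000000002000",
                           "CapEff:\t0000000000000400" };
    for (int i = 0; i < 3; i++) {
        uint64_t m = cap_mask_from_status_line(caps[i]);
        printf("%-30s bind<1024=%d raw=%d modprobe=%d\n", who[i], cap_in_mask(m, CAP_NET_BIND_SERVICE),
               cap_in_mask(m, CAP_NET_RAW), cap_in_mask(m, CAP_SYS_MODULE));
    }
    uint64_t mine;
    if (read_effective_caps(&mine) == 0)
        printf("this process: CapEff=%016llx\n", (unsigned long long)mine);
    return 0;
}
```

With libcap emerged, `setcap cap_net_bind_service=+ep /path/to/daemon` is the libcap command that grants just that one bit to a binary; running this program from such a binary shows the narrowed CapEff set rather than the all-ones mask of root.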