On Sat, Dec 06, 2003 at 06:35:45PM -0600, Jack O'Quin wrote:
>
> I've been experimenting with Torben's LSM for the 2.6 kernel, and the
> realtime group permissions mechanism we discussed.
>
> Naturally, there are some problems. The worst is that GTK-2 will not
> tolerate the use of setgid...

uhh... i only tested with muse.
now this is really bad.

hmm... perhaps we trick the binary by setting the gid back to the e_gid
after enabling capabilities :)

it works... add this to my version:

if( (rtgid != 0) && (bprm->e_gid == rtgid) ) { + + bprm->e_gid = current->gid; + bprm->cap_effective = CAP_TO_MASK(CAP_IPC_LOCK) | CAP_TO_MASK(CAP_SYS_NICE) | CAP_TO_MASK(CAP_SYS_RESOURCE); bprm->cap_permitted = CAP_TO_MASK(CAP_IPC_LOCK) | CAP_TO_MASK(CAP_SYS_NICE) | CAP_TO_MASK(CAP_SYS_RESOURCE); }

i am not sure what you did to the jack cvs.
i hope you don't check for the realtime group as it won't work anymore :)
caps are enabled silently :)

but i guess you try to get them and revert to the old mechanisms if it
fails.

> So, I modified Torben's LSM to check supplementary groups, and this
> seems to work fine. From a system admin perspective it's pretty good.
> I'm a member of group `audio', which was accomplished by adding my
> user ID (joq) to the appropriate entry in /etc/group...
>
> [...]

well this is an alternative but i would be happier to explicitly give
away the DOS privilege to programs, rather than enabling it for my
account.

> For reasons I cannot explain, this works without requiring the
> CAP_SYS_RESOURCE capability, a welcome but unexpected bonus.

very nice indeed. i really wasn't very happy with RESOURCE

> I would appreciate comments, feedback, and bug reports. If you want
> to try it, don't forget that it has received minimal testing. Neither
> I nor anyone else can promise that it will not adversely affect your
> system security or stability. Caveat emptor!

yep...

--
torben Hohn
http://galan.sourceforge.net -- The graphical Audio language
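
Review bot: the added `bprm->e_gid = current->gid;` inside the `if( (rtgid != 0) && (bprm->e_gid == rtgid) )` block puts back the caller's real gid, not its effective gid. If the intent is for the exec to look as though the setgid bit had never been set, `current->egid` is the value to restore, since the two differ whenever the calling process itself runs with a changed effective group. The line should also carry a comment giving the reason for the reset (the GTK-2 setgid refusal quoted above), because once the group is hidden the capability sets are the only trace of the grant. Related point in the same block: `bprm->cap_effective` and `bprm->cap_permitted` are assigned with `=`, so any capability already present in either set is dropped here; use `|=` if the three realtime capabilities are meant to be added to what the exec already has.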