Re: [RFC] [PATCH 2/2] file capabilities: change fE to a bool

Andrew Morgan Wed, 18 Jul 2007 00:39:38 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Serge,


I spent the evening getting my local build of libcap (building the
libcap/progs/old/setcap and getcap tools) working with the new kernel
support.

It seems there is a basic insecurity bug in the xattr support insofar as
doing the following does not delete the capabilities on a file when I
copy over it...:

[EMAIL PROTECTED] progs]$ cd ~
[EMAIL PROTECTED] progs]$ cp /bin/ping .
[EMAIL PROTECTED] progs]$ ./ping localhost
[EMAIL PROTECTED] progs]$ ping: icmp open socket: Operation not permitted
[EMAIL PROTECTED] progs]$ sudo setcap cap_net_raw=ep ping
[EMAIL PROTECTED] progs]$ getcap ping
Capabilities for `ping':
= cap_net_raw+ep
[EMAIL PROTECTED] progs]$ ./ping localhost
64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=0 ttl=64
time=0.056 ms64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=1
ttl=64 time=0.058 ms
<Ctrl-C>
- --- localhost.localdomain ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1009ms
rtt min/avg/max/mdev = 0.056/0.057/0.058/0.001 ms, pipe 2
[EMAIL PROTECTED] progs]$ cp /bin/ping .
[EMAIL PROTECTED] progs]$ ./ping localhost
PING localhost.localdomain (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=0 ttl=64
time=0.057 ms64 bytes from localhost.localdomain (127.0.0.1): icmp_seq=1
ttl=64 time=0.056 ms
- --- localhost.localdomain ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1008ms
rtt min/avg/max/mdev = 0.056/0.056/0.057/0.007 ms, pipe 2

This last operation should have failed (Operation not permitted).

Cheers

Andrew

Andrew Morgan wrote:
> Serge E. Hallyn wrote:
>> >From 29c1d5c172c137422b16b864d12b961717ead45f Mon Sep 17 00:00:00 2001
>> From: Serge E. Hallyn <[EMAIL PROTECTED]>
>> Date: Thu, 12 Jul 2007 12:21:25 -0400
>> Subject: [PATCH 1/2] file capabilities: change xattr format (v2)
> 
> Serge E. Hallyn wrote:
>> >From 3549aced829f84237ddc3ccfa571b8a938cae173 Mon Sep 17 00:00:00 2001
>> From: Serge E. Hallyn <[EMAIL PROTECTED]>
>> Date: Fri, 13 Jul 2007 12:17:45 -0400
>> Subject: [PATCH 2/2] file capabilities: change fE to a bool
> 
> These look good, thanks!
> 
> Andrew
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFGncL2QheEq9QabfIRAkchAJ426BLY9eyltTSJHji1buWQk921QACfc1TQ
XsQwo5zbI3t2iu4Zia57QqQ=
=Xq48
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe 
linux-security-module" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [RFC] [PATCH 2/2] file capabilities: change fE to a bool

Reply via email to