Re: [PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-20 Thread Matthew Garrett
On Wed, 2013-03-20 at 10:41 -0400, Vivek Goyal wrote: > I am not sure why CAP_COMPROMISE_KERNEL(CAP_MODIFY_KERNEL) is any > different. When secureboot is enabled, kernel will take away that > capability from all the processes. So kernel became a decision maker > too whether processes have

Re: [PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-20 Thread Vivek Goyal
On Wed, Mar 20, 2013 at 04:07:58PM +1100, James Morris wrote: > On Fri, 15 Mar 2013, Casey Schaufler wrote: > > > Capabilities aren't just random attribute bits. They > > indicate that a task has permission to violate a > > system policy (e.g. change the mode bits of a file > > the user doesn't

Re: [PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-19 Thread James Morris
On Fri, 15 Mar 2013, Casey Schaufler wrote: > Capabilities aren't just random attribute bits. They > indicate that a task has permission to violate a > system policy (e.g. change the mode bits of a file > the user doesn't own). Casey's right here, as well he should be. -- James Morris -- To

Re: [PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-19 Thread Serge E. Hallyn
Quoting Eric W. Biederman (ebied...@xmission.com): > > Adding Serge as he is the sometimes capabilities maintainer to this > discussion. Thanks, Eric. > Casey Schaufler writes: > > > On 3/18/2013 11:30 AM, Vivek Goyal wrote: > >> On Mon, Mar 18, 2013 at 10:50:21AM -0700, Casey Schaufler

Re: [PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-18 Thread Eric W. Biederman
Adding Serge as he is the sometimes capabilities maintainer to this discussion. Casey Schaufler writes: > On 3/18/2013 11:30 AM, Vivek Goyal wrote: >> On Mon, Mar 18, 2013 at 10:50:21AM -0700, Casey Schaufler wrote: >>> On 3/18/2013 10:05 AM, Vivek Goyal wrote: On Fri, Mar 15, 2013 at

Re: [PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-18 Thread Casey Schaufler
On 3/18/2013 11:30 AM, Vivek Goyal wrote: > On Mon, Mar 18, 2013 at 10:50:21AM -0700, Casey Schaufler wrote: >> On 3/18/2013 10:05 AM, Vivek Goyal wrote: >>> On Fri, Mar 15, 2013 at 02:12:59PM -0700, Casey Schaufler wrote: On 3/15/2013 1:35 PM, Vivek Goyal wrote: > Create a new capability

Re: [PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-18 Thread Vivek Goyal
On Mon, Mar 18, 2013 at 10:50:21AM -0700, Casey Schaufler wrote: > On 3/18/2013 10:05 AM, Vivek Goyal wrote: > > On Fri, Mar 15, 2013 at 02:12:59PM -0700, Casey Schaufler wrote: > >> On 3/15/2013 1:35 PM, Vivek Goyal wrote: > >>> Create a new capability CAP_SIGNED which can be given to signed >

Re: [PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-18 Thread Casey Schaufler
On 3/18/2013 10:05 AM, Vivek Goyal wrote: > On Fri, Mar 15, 2013 at 02:12:59PM -0700, Casey Schaufler wrote: >> On 3/15/2013 1:35 PM, Vivek Goyal wrote: >>> Create a new capability CAP_SIGNED which can be given to signed executables. >> This would drive anyone who is trying to use >> capabilities

Re: [PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-18 Thread Vivek Goyal
On Fri, Mar 15, 2013 at 02:12:59PM -0700, Casey Schaufler wrote: > On 3/15/2013 1:35 PM, Vivek Goyal wrote: > > Create a new capability CAP_SIGNED which can be given to signed executables. > > This would drive anyone who is trying to use > capabilities as the privilege mechanism it is > intended

Re: [PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-15 Thread Casey Schaufler
On 3/15/2013 1:35 PM, Vivek Goyal wrote: > Create a new capability CAP_SIGNED which can be given to signed executables. This would drive anyone who is trying to use capabilities as the privilege mechanism it is intended to be absolutely crazy. Capabilities aren't just random attribute bits. They

[PATCH 3/4] capability: Create a new capability CAP_SIGNED

2013-03-15 Thread Vivek Goyal
Create a new capability CAP_SIGNED which can be given to signed executables. Signed-off-by: Vivek Goyal --- include/uapi/linux/capability.h | 12 +++- kernel/cred.c |7 +++ security/commoncap.c|2 ++ 3 files changed, 20 insertions(+), 1
