Date: Thu, 18 Nov 2010 10:56:27 -0800
From: Kees Cook <kees@...ntu.com>
To: Steve Grubb <sgrubb@...hat.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: filesystem capabilities

Hi Steve,

On Wed, Nov 10, 2010 at 02:55:47PM -0500, Steve Grubb wrote:
> drop all privs is a 2 liner:
> capng_clear(CAPNG_SELECT_CAPS);
> if (capng_apply(CAPNG_SELECT_CAPS))
>         exit(0);
>
> Not sure anything that small needs a library function.

Well, yeah, if it's just caps, I'd agree, but I'm failing to describe what
I mean. :)

For the transition from setuid to fscaps, there will be a time where distros
may ship a program with both setuid-root and fscaps. (Some stacked filesystems,
for example, don't support fscaps.) In these situations, it would be nice to
have a single library-based routine that all of these programs can call that
will basically do the following:

- remember if I'm running setuid
- drop all but needed caps
- if I was setuid, drop uid back to real uid

That way the sensitive code isn't cut/pasted into lots of programs, just they
all call out to a single place, and everything gets it right, regardless of
them being setuid or fscap.

> I asked the maintainer if he's had any discussion [about upstreaming
> the tar xattr patches] lately.

Any news here?

> > Has there been any discussion of making rsync, cp, and cpio default to
> > copying xattrs and acls too? I know at least with rsync they are explicitly
> > not included in the "-a" option. :(
>
> My rsync man page shows a -X option and cp has a --preserve=xattr. cpio doesn't but no
> one seems to have been missing that.

Right, but I mean, it seems like it would be valuable to make these options
_part_ of -a when currently they are explicitly not included.

-Kees

--
Kees Cook
Ubuntu Security Team
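The three-step routine the message asks for (remember setuid, keep only the needed caps, return to the real uid), as an added example that is not part of the original post and not libcap-ng code. It uses the raw Linux capget/capset syscalls instead of libcap-ng so that it builds without the library. `drop_privs`, its helpers and the choice of CAP_NET_RAW are assumptions, and it also restores the real gid, which the message does not mention.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/capability.h>
/* Read (set=0) or write (set=1) the calling thread's capability sets. */
static int caps_rw(int set, struct __user_cap_data_struct d[2])
{
    struct __user_cap_header_struct h = { _LINUX_CAPABILITY_VERSION_3, 0 };
    return (int)syscall(set ? SYS_capset : SYS_capget, &h, d);
}

/* Effective capabilities as a 64-bit mask, UINT64_MAX on error. */
uint64_t effective_caps(void)
{
    struct __user_cap_data_struct d[2];
    if (caps_rw(0, d) != 0) return UINT64_MAX;
    return ((uint64_t)d[1].effective << 32) | d[0].effective;
}

/* Shrink permitted/effective to keep (never adds), clear inheritable. */
static int limit_caps(uint64_t keep)
{
    struct __user_cap_data_struct d[2];
    if (caps_rw(0, d) != 0) return -1;
    for (int i = 0; i < 2; i++) {
        d[i].permitted &= (uint32_t)(keep >> (32 * i));
        d[i].effective = d[i].permitted;
        d[i].inheritable = 0;
    }
    return caps_rw(1, d);
}

/* Hypothetical helper for the three steps in the message; 0 on success. */
int drop_privs(uint64_t keep)
{
    uid_t ruid = getuid(); gid_t rgid = getgid();
    int was_setid = ruid != geteuid() || rgid != getegid();  /* 1: remember */
    if (limit_caps(keep) != 0) return -1;                    /* 2: drop caps */
    if (!was_setid) return 0;          /* fscaps-only or unprivileged start */
    /* 3: KEEPCAPS keeps permitted when leaving uid 0; effective is cleared */
    if (prctl(PR_SET_KEEPCAPS, 1L, 0L, 0L, 0L) != 0) return -1;
    if (setresgid(rgid, rgid, rgid) || setresuid(ruid, ruid, ruid)) return -1;
    if (prctl(PR_SET_KEEPCAPS, 0L, 0L, 0L, 0L) != 0) return -1;
    return limit_caps(keep);           /* raise the effective set again */
}

/* Constructed usage: a program that needs only CAP_NET_RAW. */
int main(void) { return drop_privs(1ULL << CAP_NET_RAW) != 0; }
```

Because step 2 runs before the uid change, the process never holds more than the kept capabilities while it still has euid 0; the final `limit_caps` call only restores the effective bits that the kernel clears on the uid transition.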