Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 18 Nov 2010 10:56:27 -0800
From: Kees Cook <>
To: Steve Grubb <>
Subject: Re: filesystem capabilities

Hi Steve,

On Wed, Nov 10, 2010 at 02:55:47PM -0500, Steve Grubb wrote:
> drop all privs is a 2 liner:
> capng_clear(CAPNG_SELECT_CAPS);
> if (capng_apply(CAPNG_SELECT_CAPS))
> 	exit(0);
> Not sure anything that small needs a library function.

Well, yeah, if it's just caps, I'd agree, but I'm failing to describe what
I mean. :)

For the transition from setuid to fscaps, there will be a time where
distros may ship a program with both setuid-root and fscaps. (Some
stacked filesystems, for example, don't support fscaps.) In these
situations, it would be nice to have a single library-based routine that
all of these programs can call that will basically do the following:

- remember if I'm running setuid
- drop all but needed caps
- if I was setuid, drop uid back to real uid

That way the sensitive code isn't cut/pasted into lots of programs, just
they all call out to a single place, and everything gets it right,
regardless of them being setuid or fscap.

> I asked the maintainer if he's had any discussion [about upstreaming
> the tar xattr patches] lately.

Any news here?

> > Has there been any discussion of making rsync, cp, and cpio default to
> > copying xattrs and acls too? I know at least with rsync they are explicitly
> > not included in the "-a" option. :(
> My rsync man page shows a -X option and cp has a --preserve=xattr. cpio doesn't but no 
> one seems to have been missing that.

Right, but I mean, it seems like it would be valuable to make these options
_part_ of -a when currently they are explicitly not included.


Kees Cook
Ubuntu Security Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.