Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Mon, 28 Oct 2002 20:02:04 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Mon, 28 Oct 2002 20:02:04 -0500 Received: from mailout02.sul.t-online.com ([194.25.134.17]:52187 "EHLO mailout02.sul.t-online.com") by vger.kernel.org with ESMTP id ; Mon, 28 Oct 2002 20:02:03 -0500 To: Cc: , Subject: Re: [PATCH][RFC] 2.5.44 (1/2): Filesystem capabilities kernel patch References: <87elaanlhx.fsf@goat.bogus.local> From: Olaf Dietsche Date: Tue, 29 Oct 2002 02:08:01 +0100 In-Reply-To: <87elaanlhx.fsf@goat.bogus.local> (Olaf Dietsche's message of "Tue, 29 Oct 2002 01:20:58 +0100") Message-ID: <877kg2njbi.fsf@goat.bogus.local> User-Agent: Gnus/5.090005 (Oort Gnus v0.05) XEmacs/21.4 (Honest Recruiter, i386-debian-linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1240 Lines: 30 Olaf Dietsche writes: > writes: > >> On Mon, 28 Oct 2002, Olaf Dietsche wrote: >> >>> If you're careful with giving away capabilities however, this patch >>> can make your system more secure as it is. But this isn't fully >>> explored, so you might achieve the opposite and open new security >>> holes. Famous last words :-( >> >> Have you checked how glibc handles an executable with filesystem >> capabilities? e.g. can an LD_PRELOAD hack subvert the privileged >> executable? > > No, I didn't check. Thanks for this hint, I will look into this. I just downloaded glibc 2.3.1 and would say you can subvert a privileged executable with LD_PRELOAD. There's no mention of PR_GET_DUMPABLE anywhere and __libc_enable_secure is set according to some euid/egid tests. Hopefully, someone more fluent in glibc issues can shed some light? Is there a way to switch LD_PRELOAD off completely or on a needed basis? Regards, Olaf. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/