Date: Mon, 8 Jan 2024 09:57:55 -0800
From: Kees Cook
To: Jingzi Meng
Cc: gregkh@linuxfoundation.org, gpiccoli@igalia.com, john.ogness@linutronix.de, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, pmladek@suse.com, rostedt@goodmis.org, senozhatsky@chromium.org, tony.luck@intel.com
Subject: Re: [PATCH] cap_syslog: remove CAP_SYS_ADMIN when dmesg_restrict
Message-ID: <202401080956.7FBE02F54C@keescook>
References: <2024010306-tweezers-skinhead-083e@gregkh> <20240105062007.26965-1-mengjingzi@iie.ac.cn>
In-Reply-To: <20240105062007.26965-1-mengjingzi@iie.ac.cn>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jan 05, 2024 at 02:20:07PM +0800, Jingzi Meng wrote:
> CAP_SYSLOG was separated from CAP_SYS_ADMIN and introduced in Linux
> 2.6.37 (2010-11). For a long time, certain syslog actions required
> CAP_SYS_ADMIN or CAP_SYSLOG. Maybe it's time to officially remove
> CAP_SYS_ADMIN for more fine-grained control.
>
> CAP_SYS_ADMIN was once removed but added back for backwards
> compatibility reasons. In commit 38ef4c2e437d ("syslog: check cap_syslog
> when dmesg_restrict") (2010-12), CAP_SYS_ADMIN was no longer needed. And
> in commit ee24aebffb75 ("cap_syslog: accept CAP_SYS_ADMIN for now")
> (2011-02), it was accepted again. Since then, CAP_SYS_ADMIN has been
> preserved.
>
> Now that almost 13 years have passed, the legacy application may have
> had enough time to be updated.
>
> I can't find anything mentioning this warning in recent times except
> this: https://sysdig.com/blog/container-escape-capabilities-falco-detection/
> which is mainly an example about how to apply Capabilities, not a
> software failure.
>
> Signed-off-by: Jingzi Meng

Reviewed-by: Kees Cook

If you can boot a few stock modern distros and verify nothing emits this
warning any more, that should be sufficient evidence that this can be
dropped.

-Kees

--
Kees Cook
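To make the behavioural change under discussion concrete, here is an added user-space model of the syslog(2) permission check (this is example code written for this page, not the kernel's own implementation or the submitted patch). The action numbers follow include/linux/syslog.h; the `struct caller` capability bits, the `legacy`/`strict` function names and the `warned` flag standing in for the kernel's one-time deprecation warning are constructed for this model. The "legacy" path shows the fallback the patch removes: a task holding CAP_SYS_ADMIN but not CAP_SYSLOG is still allowed, with a warning; the "strict" path shows the intended behaviour after the change, where only CAP_SYSLOG unlocks restricted actions.

```c
/* Added example, not kernel code: a user-space model of the check that
 * gates syslog(2) actions, contrasting the legacy CAP_SYS_ADMIN fallback
 * with the stricter CAP_SYSLOG-only behaviour the patch proposes. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* syslog(2) action types, values as in include/linux/syslog.h. */
#define SYSLOG_ACTION_READ        2
#define SYSLOG_ACTION_READ_ALL    3
#define SYSLOG_ACTION_CLEAR       5
#define SYSLOG_ACTION_SIZE_UNREAD 9
#define SYSLOG_ACTION_SIZE_BUFFER 10

/* Constructed stand-in for the calling task's effective capability set. */
struct caller {
	bool cap_syslog;
	bool cap_sys_admin;
};

/* Model of syslog_action_restricted(): with dmesg_restrict=1 every action
 * is privileged; otherwise "read all" and the size queries are open to
 * everybody while read/clear and friends still need a capability. */
static bool action_restricted(int type, bool dmesg_restrict)
{
	if (dmesg_restrict)
		return true;
	return type != SYSLOG_ACTION_READ_ALL &&
	       type != SYSLOG_ACTION_SIZE_BUFFER &&
	       type != SYSLOG_ACTION_SIZE_UNREAD;
}

/* Behaviour before the patch: CAP_SYS_ADMIN is still accepted as a
 * fallback for a caller without CAP_SYSLOG, and the kernel logs a one-time
 * deprecation warning (modelled here by setting *warned).
 * Returns 0 on success or -EPERM, as the kernel check does. */
static int check_syslog_legacy(int type, const struct caller *c,
			       bool dmesg_restrict, bool *warned)
{
	if (!action_restricted(type, dmesg_restrict))
		return 0;
	if (c->cap_syslog)
		return 0;
	if (c->cap_sys_admin) {
		*warned = true;   /* the kernel emits pr_warn_once() here */
		return 0;
	}
	return -EPERM;
}

/* Behaviour the patch proposes: only CAP_SYSLOG unlocks restricted actions;
 * CAP_SYS_ADMIN alone is no longer enough. */
static int check_syslog_strict(int type, const struct caller *c,
			       bool dmesg_restrict)
{
	if (!action_restricted(type, dmesg_restrict))
		return 0;
	return c->cap_syslog ? 0 : -EPERM;
}

int main(void)
{
	/* Constructed scenario: a task with CAP_SYS_ADMIN but no CAP_SYSLOG
	 * tries to dump the kernel log while dmesg_restrict=1. */
	const struct caller admin_only = { .cap_syslog = false,
					   .cap_sys_admin = true };
	bool warned = false;
	int legacy = check_syslog_legacy(SYSLOG_ACTION_READ_ALL, &admin_only,
					 true, &warned);
	int strict = check_syslog_strict(SYSLOG_ACTION_READ_ALL, &admin_only,
					 true);

	printf("dmesg_restrict=1, CAP_SYS_ADMIN only: legacy=%d (warned=%d) "
	       "strict=%d\n", legacy, warned, strict);
	return 0;
}
```

Run stand-alone, the program reports that the legacy check allows the read and sets the warning flag, while the strict check returns -EPERM; a caller that actually holds CAP_SYSLOG passes both checks, and with dmesg_restrict=0 an unprivileged "read all" is still permitted under both, which is the part of the policy the patch leaves untouched.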