Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753346AbZCLUVe (ORCPT ); Thu, 12 Mar 2009 16:21:34 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1751395AbZCLUV0 (ORCPT ); Thu, 12 Mar 2009 16:21:26 -0400 Received: from rv-out-0506.google.com ([209.85.198.236]:34760 "EHLO rv-out-0506.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750809AbZCLUVZ convert rfc822-to-8bit (ORCPT ); Thu, 12 Mar 2009 16:21:25 -0400 DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=q80saEbBuOs82RMUHv72+aKR4MbPMtp3+my7D145ImgMbEt2V3L2LG4ZmWGnEmJv8P +XbmlDaI9O8sxs91Pb/84SzUHuHRANXvEo4VOZDjMLvsslIQoU2ny4Yu4wZ+6jMrZcuw AGxgcv1ZwOp3mNPGzAh6BxWNv+3xTYUPP8jeY= MIME-Version: 1.0 In-Reply-To: <20090312161047.GA15209@us.ibm.com> References: <20090311232356.GP13540@fieldses.org> <20090312161047.GA15209@us.ibm.com> Date: Fri, 13 Mar 2009 09:21:23 +1300 X-Google-Sender-Auth: e2050b26c3016e9a Message-ID: <517f3f820903121321sf6d2014q8165b925d5d44db7@mail.gmail.com> Subject: Re: VFS, NFS security bug? Should CAP_MKNOD and CAP_LINUX_IMMUTABLE be added to CAP_FS_MASK? From: Michael Kerrisk To: "Serge E. Hallyn" Cc: "J. Bruce Fields" , Igor Zhbanov , linux-kernel@vger.kernel.org, viro@zeniv.linux.org.uk, neilb@suse.de, Trond.Myklebust@netapp.com, David Howells , James Morris , Michael Kerrisk Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1384 Lines: 35 On Fri, Mar 13, 2009 at 5:10 AM, Serge E. Hallyn wrote: > Quoting J. Bruce Fields (bfields@fieldses.org): >> On Wed, Mar 11, 2009 at 03:53:34PM +0300, Igor Zhbanov wrote: >> > Hello! >> > >> > It seems that CAP_MKNOD and CAP_LINUX_IMMUTABLE were forgotten to be >> > added to CAP_FS_MASK_B0 in linux-2.6.x and to CAP_FS_MASK in >> > linux-2.4.x. Both capabilities affects file system and can be >> > considered file system capabilities. >> >> Sounds right to me--I'd expect rootsquash to guarantee that new device >> nodes can't be created from the network. ?Cc'ing random people from the >> git log for include/linux/capability.h in hopes they can help. > > Yeah it seems reasonable. ?If it is, then does that mean that we > also need CAP_SYS_ADMIN (to write selinux labels) and CAP_SETFCAP > (to set file capabilities) as well? If a change is made to CAP_FS_MASK, please do remember to CC mtk.manpages@gmail.com, and linux-api@. Cheers, Michael -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Found a documentation bug? http://www.kernel.org/doc/man-pages/reporting_bugs.html -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/