Clint Adams wrote:
> On Tue, Sep 01, 2009 at 12:24:23AM -0400, Yaroslav Halchenko wrote:
>> do you mean that executables with any capabilities (or even just
>> cap_sys_nice) set are considered insecure and LD_PRELOAD is explicitly
>> disallowed so LD_PRELOAD of fakeroot library fails?
>
> Yes, it is the same as with setuid/setgid programs. The point is
> that otherwise you could make a preload library to exploit any
> capability by subverting one of the functions used by a privileged
> binary.
>
> I'm not sure how fakeroot-ng interacts with capabilities, but
> perhaps it is more suitable for your use case.

For SUID, fakeroot means that the program runs with privileges but
without fakeroot's wrapping. Fakeroot-ng means that the program runs without
the (real) privileges, but with fakeroot-ng's wrapping. I'm not sure
about capabilities, but it's definitely worth giving it a try.
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting Ltd.
http://www.lingnu.com