Quoting Andrew Morgan ([EMAIL PROTECTED]): > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Is this the sort of change that should be abstracted into the security > module API? > > To this point, everything about the fcap changes have been in headers > and within the security module code.
Yes. I'd thought about adding a security_ops->inode_change() or somesuch hook, but there were two reasons I didn't. First, this should be done whether or not the capability module is loaded in this kernel. If we're testing a kernel with only the dummy module, we still want this to happen. Second, only the capability module needs this so far. If more modules end up needing this then we can make it more generic. But note that most security modules will likely label data the way selinux does, for classification for access control, rather than for granting privilege to unprivileged processes. -serge > [EMAIL PROTECTED] linux-2.6]$ git diff --stat master > include/linux/binfmts.h | 3 +- > include/linux/capability.h | 48 +++++++--- > include/linux/security.h | 12 ++- > security/Kconfig | 10 ++ > security/capability.c | 4 + > security/commoncap.c | 209 > ++++++++++++++++++++++++++++++++++++++++---- > security/selinux/hooks.c | 12 +++ > 7 files changed, 263 insertions(+), 35 deletions(-) > [EMAIL PROTECTED] linux-2.6]$ > > The security module doesn't appear to be in the loop for this sort of > security sensitive event. Is there a reason for not making it so? > > Cheers > > Andrew > > Serge E. Hallyn wrote: > > When you > > > > setfcaps -c cap_net_admin=p -e /bin/ping > > cp /bin/sh /bin/ping > > > > then /bin/ping should lose its file capabilities. This patch probably > > will need to be cleaned up, but seems to work as it should. > > > > thanks, > > -serge > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.6 (GNU/Linux) > > iD8DBQFGq/d/QheEq9QabfIRAvp+AJ4mCrgdHCak77qONqfQ4vR3vSQnugCeMA8l > aBvtX3nREQiBYC/UVprjRcQ= > =uZp/ > -----END PGP SIGNATURE----- > - > To unsubscribe from this list: send the line "unsubscribe > linux-security-module" in > the body of a message to [EMAIL PROTECTED] > More majordomo info at http://vger.kernel.org/majordomo-info.html - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
