Re: sys_setpriority error

From: Chris Wright (chrisat_private)
Date: Wed May 30 2001 - 16:10:40 PDT

  • Next message: Titus D. Winters: "Re: sys_setpriority error"

    * Titus D. Winters (titusat_private) wrote:
    > > The dummy functions don't really provide much in the way of security.  They
    > > fall some where between DAC and everybody is root.  Stephen Smalley has
    > > suggested re-evaluating the dummy code and adding root checks to align with
    > > DAC.  I am inclined to fix this in dummy_setnice rather than
    > > sys_setpriority.
    > I think the issue is that the logic is wrong (or unclear at the least.)
    > Currently it is saying:
    > if (you are rootish, own the process, or the module lets you) you can
    > renice things
    > And Roy suggests:
    > if ((you are rootish or own the process) AND (the module lets you)) you
    > can renice things.
    > Beyond even dummy stuff, it seems more useful (not to mention safer) to
    > rework the logic.  This way one could write modules that would hamper root
    > (useful for trappin' baddies), instead of writing modules that allow huge
    > security holes.
    I understand what your driving at.  But I hesitate to make logic changes to
    the kernel.  Consider original code reads...
      if (p->uid != current->euid &&
         p->uid != current->uid && !capable(CAP_SYS_NICE)) {
    This really doesn't have any test for root.  just checks that both your uid
    and euid don't match the target process's uid _and_ you aren't capable.
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Wed May 30 2001 - 16:13:27 PDT