Re: sys_setpriority error

From: Valdis.Kletnieksat_private
Date: Wed May 30 2001 - 22:47:38 PDT

  • Next message: David Wagner: "Re: sys_setpriority error"

    On Wed, 30 May 2001 22:04:16 PDT, Chris Lundberg <clundberat_private>  said:
    > I was under the impression that a _security_ module was supposed to
    > prevent people from doing bad and evil, not allow them to do new bad and
    > evil.  That is to say, if we are adding security hooks, then they
    > shouldn't allow the user to do anything they couldn't before, but instead
    > disallow them from doing bad things.
    It's quite plausible that you would want to allow something to happen that
    couldn't before.  As a *2AM STRAW MAN*, consider xntpd.
    The only 2 things it needs root for are a bind() to port 123 and diddling
    with the system clock.  Now, if you find a way to allow the xntpd binary
    to do those 2 things without root - you have allowed the user to do things
    they couldn't do before.
    Now, of course, a *sane* security policy would have a clause "if running
    as user 'ntp' and the binary is /usr/sbin/xntpd and...".  But it's still
    allowing something to happen as a user that didn't used to be allowable.
    Heck, the entire P1003.1c/3e capabilities/ACL/etc thing is all about
    adding additional things toi the set of things allowable to users (under
    controlled circumstances).
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Wed May 30 2001 - 22:48:29 PDT