* Shane Kerr (shane@time-travellers.org) wrote:
> <offtopic level="slight">
>
> This seems like implementation to me - as long as the hooks are there an
> LSM can do what it wishes. If the hooks work like:
>
>     if ((port < 1024) && biguglyprocess_struct->uid) {
>         return EPERM;
>     }
>     if (fancykernelhook->lsm->bindhook) {
>         ret = (fancykernelhook->lsm->bindhook)(port);
>         if (ret) return ret;
>     }
>
> Then no LSM can ever implement a policy to allow non-root users to bind
> low ports.

To be clear: the code looks like:

    if (snum && snum < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
        return -EACCES;

and we hook in capable... so there is an override mechanism. Yes, you can
make a module that allows any user to bind to protected ports.

-chris

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
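As an added illustration of the override mechanism described in the reply above (example code, not from the list or from the kernel): a user-space model of the inet_bind() check with capable() as a replaceable hook, so a module can grant CAP_NET_BIND_SERVICE to a non-root uid. The policy names, lsm_register(), and uid 1001 are assumptions of this example.

```c
/* Added example: models the quoted inet_bind() check with capable()
 * as a hook that a security module may replace. Not kernel code. */
#include <errno.h>
#include <stdbool.h>

#define PROT_SOCK 1024
#define CAP_NET_BIND_SERVICE 10      /* value as in linux/capability.h */

/* The hook point: does the task with this uid hold capability `cap`? */
typedef bool (*capable_fn)(unsigned uid, int cap);

/* Default policy: only uid 0 holds any capability (the classic model). */
static bool root_only_policy(unsigned uid, int cap) {
    (void)cap;
    return uid == 0;
}

/* Hypothetical module policy: root keeps everything, and one
 * unprivileged service uid (assumed: 1001) is additionally granted
 * CAP_NET_BIND_SERVICE so it can bind a low port without being root. */
#define SERVICE_UID 1001
static bool service_uid_policy(unsigned uid, int cap) {
    if (uid == 0)
        return true;
    return cap == CAP_NET_BIND_SERVICE && uid == SERVICE_UID;
}

/* Currently installed policy; the module swaps this pointer. */
static capable_fn capable_hook = root_only_policy;

/* Install a policy; passing NULL restores the default (assumed API). */
void lsm_register(capable_fn fn) {
    capable_hook = fn ? fn : root_only_policy;
}

/* Mirrors the check quoted in the reply: snum is the requested port.
 * Port 0 ("any port") and ports >= PROT_SOCK need no capability. */
int inet_bind_check(unsigned uid, unsigned short snum) {
    if (snum && snum < PROT_SOCK && !capable_hook(uid, CAP_NET_BIND_SERVICE))
        return -EACCES;
    return 0;
}
```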
This archive was generated by hypermail 2b30 : Wed Jul 18 2001 - 09:03:24 PDT