Re: Capability tests in netlink and oom_kill

From: Stephen Smalley (sdsat_private)
Date: Tue Aug 21 2001 - 12:52:42 PDT

  • Next message: Stephen Smalley: "Re: Capability tests in netlink and oom_kill"

    On Tue, 21 Aug 2001, Stephen Smalley wrote:
    
    > The only potential area for concern is that in one case,
    > oom_kill doesn't just test for a capability - it tests
    > for CAP_SYS_ADMIN or uid 0 or euid 0.  The attached patch
    > doesn't preserve the exact semantics in that case.   To do so,
    > we would need a separate hook for that particular test. 
    
    The other option would be to leave the separate uid 0 and euid 0
    tests in the base kernel, only replacing the capability test
    itself with a security_ops->capable call.  That would solve the
    problem while preserving the current semantics.  However, it 
    would also leave the uid/euid 0 tests hardcoded in the kernel,
    so superuser processes would still be less likely to be killed
    by oom_kill than other processes.
    
    --
    Stephen D. Smalley, NAI Labs
    ssmalleyat_private
    
    
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Tue Aug 21 2001 - 12:54:35 PDT