* Stephen Smalley (sdsat_private) wrote: > > If CAP_SYS_ADMIN or CAP_NET_ADMIN are used interchangeably in > a number of locations for both DAC override and authoritative > control, then this obviously doesn't work. Is that what you > are saying? yes, that's what i'm questioning. i haven't looked at all the cases in the kernel that use CAP_(SYS|NET)_ADMIN. i recall that CAP_SYS_ADMIN is used for mounting/unmounting (along with many other things). so the CAP_SYS_ADMIN test in sys_umount followed by the lsm umount hook in do_umount (well, besides the fact that we'd need to move the lsm hook to sys_umount like was done in the authoritative patch) is an example of CAP_SYS_ADMIN being used in a way that one would conceivably want to use it as an override. but i'm shooting in the dark here, just guessing at requirements. the case i mentioned above was -chris p.s. in fact i see no good reason not to move the lsm umount hook to sys_umount. that way it is not within the BKL. any objections? _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 11:15:39 PDT