Re: PROBLEM: A Capability LSM Module serious bug

From: Serge E. Hallyn (hallyn@private)
Date: Mon Dec 08 2003 - 08:48:54 PST


    > I think a patch to capability.c may be a better way to fix this bug. Because 
    > dummy.c is a simple superuser mechanism, capability should not be visible 
    > to it. And capability modules may be extended to file system so as to 
    
    The main question is do we declare cap_effective to belong solely to
    capability.c, or do we want capability.c to trust previous LSM's
    computations of those values?  So, even with the current case, if we
    insmod, rmmod, then re-insmod capability, do we want to revoke all
    previous cap_* computations?
    
    It seems reasonable for it to "belong" to capability.c (and I've heard of
    no one else wanting to use it).  I just don't think we've explicitly
    declared this to be the case.
    


