Re: RemoveSETUID feature (Was: Summary/Minutes from today's FESCo meeting (2010-10-26) NEW TIME!)

Pardon the thread necromancy,

So recently I had cause to look at
http://fedoraproject.org/wiki/Features/RemoveSETUID
again (I was investigating the X server permissions for an unrelated reason).

Now, that page links to
http://people.redhat.com/sgrubb/libcap-ng/index.html

which attempts to explain the value of capabilities, etc.  I was
following along on all of this, and I understand that capabilities
have some (non-negligible) value if you don't have e.g. cap_sys_admin.
But then I got to the point where it says:

"But they still have uid 0, which typical system installation allows
root to do things. For example, /bin/sh is 0755 and /bin is also 0755
perms. A disarmed root process can still trojan a system. But what if
we got rid of all the read/write permissions for root?"

So...right, "we can do these small changes, and then if we do this BIG
CHANGE, it all works!".  But this feature doesn't include BIG CHANGE,
and there are no plans to, right?  Or is chmod u-rwx g-rwx on the root
filesystem really in the cards?

Now,
https://fedoraproject.org/wiki/Features/LowerProcessCapabilities
appears to claim 100% completion on this for Fedora 12, but none (?)
of it happened?
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
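The discretionary-access rule behind the quoted libcap-ng point, as an added example that is not code from the thread or from either wiki page: a uid-0 process whose effective capability set has been emptied still passes the *owner* check on root-owned 0755 files, so only the "chmod u-rwx" change closes that path. The model follows the kernel's generic permission check for regular files; the `CapEff` sample text is constructed, and the capability bit numbers are the standard Linux ones.

```python
"""Model of the Linux DAC file check plus the two capabilities that override it.
Added example (not from the libcap-ng page or the Fedora feature pages)."""

# Access mask bits, as used by the kernel's permission check.
MAY_READ, MAY_WRITE, MAY_EXEC = 4, 2, 1

# Capability bit numbers from <linux/capability.h> (subset relevant here).
CAP_BITS = {0: "CAP_CHOWN", 1: "CAP_DAC_OVERRIDE", 2: "CAP_DAC_READ_SEARCH",
            3: "CAP_FOWNER", 21: "CAP_SYS_ADMIN"}


def effective_caps(proc_status_text):
    """Parse the CapEff: line of /proc/<pid>/status into a set of capability names."""
    for line in proc_status_text.splitlines():
        if line.startswith("CapEff:"):
            mask = int(line.split()[1], 16)
            return {name for bit, name in CAP_BITS.items() if mask & (1 << bit)}
    return set()


def dac_permits(fsuid, groups, st_uid, st_gid, st_mode, want, caps=frozenset()):
    """True if a process (effective uid fsuid, supplementary groups `groups`,
    effective capabilities `caps`) may do `want` on a regular file with the
    given owner, group and mode bits.  Plain DAC is consulted first; the
    capability overrides only matter once DAC has said no."""
    if fsuid == st_uid:
        granted = (st_mode >> 6) & 7      # owner triad, rwx -> 4 2 1
    elif st_gid in groups:
        granted = (st_mode >> 3) & 7      # group triad
    else:
        granted = st_mode & 7             # other triad
    if want & granted == want:
        return True                       # ordinary DAC allows it
    if "CAP_DAC_OVERRIDE" in caps:
        # Bypasses rwx on files, except exec still needs at least one x bit.
        if not (want & MAY_EXEC) or (st_mode & 0o111):
            return True
    if "CAP_DAC_READ_SEARCH" in caps and want == MAY_READ:
        return True                       # read-only override
    return False


def disarmed_root_can_trojan(st_mode, owner_uid=0):
    """The scenario from the mail: uid 0 with every capability dropped,
    attempting to write a root-owned file such as /bin/sh."""
    return dac_permits(0, {0}, owner_uid, 0, st_mode, MAY_WRITE, caps=frozenset())


if __name__ == "__main__":
    print(disarmed_root_can_trojan(0o755))   # True: owner write bit still applies
    print(disarmed_root_can_trojan(0o055))   # False: the "chmod u-rwx" case
```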