You need to look at capable() in sched.h

    704 static inline int capable(int cap)
    705 {
    706 #if 1 /* ok now */
    707     if (cap_raised(current->cap_effective, cap))
    708 #else
    709     if (cap_is_fs_cap(cap) ? current->fsuid == 0 : current->euid == 0)
    710 #endif
    711     {
    712         current->flags |= PF_SUPERPRIV;
    713         return 1;
    714     }
    715     return 0;
    716 }

You obviously don't understand this or *you* wouldn't have asked in the first place. I'll try to help out by pointing out what *I* understand.

706: I'm really not sure what #if 1 means. if preprocessor commands are usually in the form "if defined something". I'll come back to this.

709: This is the normal suid/fsuid behaviour. If suid (or fsuid for filesystem operations) is NULL, all capabilities tests are passed.

712: just sets a flag to show that superuser-type privileges have been invoked.

Back to 706: Since we know that 709 is the normal test, this should be compiled for different reasons (it's an if/else pre-processor branch) and that other condition is 1. I suppose this is essentially *your* question. Perhaps someone could help out?

There's more to this question. In discussing security requirements, Linus Torvalds refers to the capabilities model as the "default policy" that Linux already has but also seems to contradict himself by saying that "almost nobody uses capabilities just because they are complex enough to administer that they are of dubious value in many cases". (quoted by Crispin Cowan in http://mail.wirex.com/pipermail/linux-security-module/2001-April/000005.htm.)

Apparently kernel code is written to use capabilities instead of traditional credentials, but then of course all euid = 0 or fsuid = 0 processes will pass.

Ask a kernel developer newbie.

regards,
rhys

-
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
IRC Channel: irc.openprojects.net / #kernelnewbies
Web Page: http://www.kernelnewbies.org/
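Added example, not from the post or from the kernel: a user-space C model of the two branches of capable() quoted above, with a stand-in struct task for current->cap_effective/euid/fsuid/flags and an assumed small cap_is_fs_cap() subset. It shows where the "#if 1" branch (capability bit test, which the preprocessor always selects) and the "#else" branch (uid 0 test) disagree: a root task that has dropped its capabilities, and an unprivileged task that holds a single capability.

```c
#include <stdint.h>
#include <stdio.h>
/* Model of both branches of capable(); stand-ins for the task_struct fields. */
#define PF_SUPERPRIV         0x00000100  /* "used super-user privileges" */
#define CAP_CHOWN            0
#define CAP_FOWNER           3
#define CAP_NET_BIND_SERVICE 10
typedef uint32_t kernel_cap_t;              /* one bit per capability */
#define CAP_TO_MASK(cap)     (1U << (cap))
#define cap_raised(set, cap) (((set) & CAP_TO_MASK(cap)) != 0)
struct task {                               /* stand-in for task_struct */
    kernel_cap_t cap_effective;
    unsigned int euid, fsuid;
    unsigned long flags;
};

/* Assumed subset of the filesystem capabilities, enough for the model. */
static int cap_is_fs_cap(int cap) { return cap == CAP_CHOWN || cap == CAP_FOWNER; }

/* The "#if 1" branch: is the bit raised in the effective set? */
int capable_caps(struct task *t, int cap)
{
    if (cap_raised(t->cap_effective, cap)) {
        t->flags |= PF_SUPERPRIV;   /* record that privilege was used */
        return 1;
    }
    return 0;
}

/* The "#else" branch: classic uid-0 test (fsuid for filesystem caps). */
int capable_uid(struct task *t, int cap)
{
    if (cap_is_fs_cap(cap) ? t->fsuid == 0 : t->euid == 0) {
        t->flags |= PF_SUPERPRIV;
        return 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed tasks: root that dropped every capability, and uid 1000
     * holding only CAP_NET_BIND_SERVICE. The two branches disagree on both. */
    struct task root_nocaps = { 0, 0, 0, 0 };
    struct task user_bind = { CAP_TO_MASK(CAP_NET_BIND_SERVICE), 1000, 1000, 0 };
    printf("root w/o caps: caps=%d uid=%d\n", capable_caps(&root_nocaps, CAP_NET_BIND_SERVICE), capable_uid(&root_nocaps, CAP_NET_BIND_SERVICE));
    printf("uid 1000 +bind: caps=%d uid=%d\n", capable_caps(&user_bind, CAP_NET_BIND_SERVICE), capable_uid(&user_bind, CAP_NET_BIND_SERVICE));
    return 0;
}
```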