On Sat, 17 Apr 2010 20:30:02 +0200, Mick wrote about Re: [gentoo-user]
How many ways are there for a user to increase their permissions?:

>On Friday 16 April 2010 23:13:34 Jonathan wrote:
[snip]
>> 4: Linux "Capabilities" or "caps": Which increases permissions on a
>> per-file basis. e.g. removing SUID from ping and adding CAP_NET_RAW
>> to ping. This is much safer than running the whole program as root.
>> http://linux.die.net/man/7/capabilities
>
>This is a first for me. I haven't used it before and it seems it is
>not set up on my box by default.

In fact, POSIX capabilities are a mechanism to *reduce* a program's
permissions, not increase them.

With a default system, any program that needs to do, say, one
privileged operation must be run as root. The typical example is to
open a service port (i.e. 1023 or lower) rather than an ephemeral port
in the TCP/IP stack. Such a program receives full root privileges,
which allow it to have full access to the filesystems, modprobe new
drivers into the kernel, etc., etc., even though it only wants to
listen on a service port.

With caps, it is given the capability (CAP_NET_BIND_SERVICE) to open
service ports without regard to the userid under which it is running.
This means that it will *NOT* have permissions to modprobe drivers,
mess about with files arbitrarily, etc.

man 7 capabilities

If you don't have that man page, you will need to emerge libcap.
--
Regards,

Dave [RLU #314465]
======================================================================
dwnoon@××××××××.com (David W Noon)
======================================================================
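
The difference described in the message above can be checked from the `CapEff` line of `/proc/<pid>/status`. The following is an added example, not part of the original message: it decodes that mask and lists every capability a process holds beyond what it needs. The two status excerpts and the names `effective_caps` and `excess_caps` are constructed for illustration; the bit numbers are those of `<linux/capability.h>`.

```python
# Capability names in bit order (bit 0 = CAP_CHOWN), per <linux/capability.h>.
CAP_NAMES = """CHOWN DAC_OVERRIDE DAC_READ_SEARCH FOWNER FSETID KILL SETGID
SETUID SETPCAP LINUX_IMMUTABLE NET_BIND_SERVICE NET_BROADCAST NET_ADMIN NET_RAW
IPC_LOCK IPC_OWNER SYS_MODULE SYS_RAWIO SYS_CHROOT SYS_PTRACE SYS_PACCT
SYS_ADMIN SYS_BOOT SYS_NICE SYS_RESOURCE SYS_TIME SYS_TTY_CONFIG MKNOD LEASE
AUDIT_WRITE AUDIT_CONTROL SETFCAP MAC_OVERRIDE MAC_ADMIN SYSLOG WAKE_ALARM
BLOCK_SUSPEND AUDIT_READ PERFMON BPF CHECKPOINT_RESTORE""".split()

# Constructed samples: a daemon started as root, and the same daemon run as an
# unprivileged user holding only CAP_NET_BIND_SERVICE (bit 10).
ROOT_DAEMON = "Name:\thttpd-root\nUid:\t0\t0\t0\t0\nCapEff:\t000001ffffffffff\n"
CAPPED_DAEMON = "Name:\thttpd-caps\nUid:\t1001\t1001\t1001\t1001\nCapEff:\t0000000000000400\n"

def effective_caps(status_text):
    """Return the set of CAP_* names set in the CapEff line of a status file."""
    for line in status_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "CapEff":
            mask = int(value.strip(), 16)
            caps = {"CAP_" + name
                    for bit, name in enumerate(CAP_NAMES) if (mask >> bit) & 1}
            if mask >> len(CAP_NAMES):
                # Bits newer than this table: report rather than ignore them.
                caps.add("UNKNOWN_HIGH_BITS")
            return caps
    raise ValueError("no CapEff line found")

def excess_caps(status_text, needed):
    """Capabilities the process holds beyond the ones it actually needs."""
    return sorted(effective_caps(status_text) - set(needed))

if __name__ == "__main__":
    need = {"CAP_NET_BIND_SERVICE"}  # all a port-80 listener requires
    for label, sample in (("root", ROOT_DAEMON), ("caps", CAPPED_DAEMON)):
        extra = excess_caps(sample, need)
        print(label, "excess:", len(extra), extra[:4])
    # The same check against the current process, when /proc is available.
    try:
        with open("/proc/self/status") as fh:
            print("self:", sorted(effective_caps(fh.read())))
    except OSError:
        pass
```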