Re: [linux-audio-dev] LSM: Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation


Subject: Re: [linux-audio-dev] LSM: Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation
From: Jack O'Quin (joq_AT_io.com)
Date: Thu Dec 30 2004 - 18:20:09 EET


Hans Fugal <hans_AT_fugal.net> writes:

> On Wed, 29 Dec 2004 at 11:07 +0100, Frank Barknecht wrote:
>> Hello,
>> Fernando Lopez-Lezcano said: // Fernando Lopez-Lezcano wrote:
>>
>> > Why I think this is a yes. Any kernel that wants to use the realtime-lsm
>> > will have to either not build the POSIX capabilities lsm, or build it as
>> > a module. In the latter case the system will be vulnerable. The
>> > realtime-lsm does not depend on the POSIX capabilities lsm but it forces
>> > you to build it as a module,
>>
>> I don't understand: Why does it do so? Shouldn't this be "fixed" in
>> the realtime-lsm then?

Actually, the bug is not in either. The "fix" is in security/dummy.c.

> Someone please correct me if I'm wrong, but it just looks like a case of a
> simplistic check. It doesn't look like realtime-lsm really depends on
> posix capabilities being compiled as a module, but on posix capabilities
> not being compiled in. So I'm going to try this patch (it builds, we'll
> see if it works fine, but I suspect it will):

The actual source code is in security/Kconfig...

config SECURITY_REALTIME
        tristate "Realtime Capabilities"
        depends on SECURITY && SECURITY_CAPABILITIES!=y
        default n
        help
          This module selectively grants realtime privileges
          controlled by parameters set at load time or via files in
          /sys/module/realtime/parameters.

          If you are unsure how to answer this question, answer N.

The reason for this check is that realtime-lsm does not work when the
capability LSM is installed built-in (i.e. not as a module). I am not
a wizard at Kconfig. Perhaps someone more skilled in this area can
explain what to do. Note that capability is not needed when realtime
is installed.

-- 
  joq
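A check for the Kconfig dependency discussed in this message, written as an added example (not code from the thread or from the realtime-lsm project): it reads a kernel .config and reports whether the POSIX capability LSM is built in (realtime-lsm cannot be selected), a loadable module (the case Fernando calls vulnerable), or absent. It assumes the .config symbol names CONFIG_SECURITY_CAPABILITIES and CONFIG_SECURITY_REALTIME (the Kconfig names above with the usual CONFIG_ prefix) and uses constructed sample .config fragments.

```shell
#!/bin/sh
# Added example, not code from the thread: classify a kernel .config by how the
# POSIX capability LSM and realtime-lsm are configured, applying the
# "SECURITY_CAPABILITIES!=y" rule from the Kconfig fragment quoted above.
# Assumption: the .config symbols are CONFIG_SECURITY_CAPABILITIES and
# CONFIG_SECURITY_REALTIME (the Kconfig names with the CONFIG_ prefix).

# config_value FILE SYMBOL -> prints y, m, or n (n when unset or commented out)
config_value() {
    val=$(sed -n "s/^CONFIG_$2=\([ym]\)\$/\1/p" "$1" | tail -n 1)
    if [ -n "$val" ]; then printf '%s\n' "$val"; else printf 'n\n'; fi
}

# lsm_status FILE -> one word for the capability/realtime combination:
#   cap-builtin    capability LSM built in; Kconfig will not offer SECURITY_REALTIME
#   inconsistent   capability built in AND realtime set: violates the depends line
#   cap-module     capability LSM is a loadable module: the case the thread calls vulnerable
#   cap-absent     capability LSM not built; realtime-lsm (if set) is the only LSM
lsm_status() {
    cap=$(config_value "$1" SECURITY_CAPABILITIES)
    rt=$(config_value "$1" SECURITY_REALTIME)
    case "$cap" in
        y) if [ "$rt" = n ]; then echo cap-builtin; else echo inconsistent; fi ;;
        m) echo cap-module ;;
        *) echo cap-absent ;;
    esac
}

# Constructed sample .config fragments so the script runs stand-alone.
demo_dir=$(mktemp -d)
printf 'CONFIG_SECURITY=y\nCONFIG_SECURITY_CAPABILITIES=y\n# CONFIG_SECURITY_REALTIME is not set\n' > "$demo_dir/builtin.config"
printf 'CONFIG_SECURITY=y\nCONFIG_SECURITY_CAPABILITIES=m\nCONFIG_SECURITY_REALTIME=m\n' > "$demo_dir/module.config"
printf 'CONFIG_SECURITY=y\n# CONFIG_SECURITY_CAPABILITIES is not set\nCONFIG_SECURITY_REALTIME=m\n' > "$demo_dir/absent.config"

for f in "$demo_dir"/*.config; do
    printf '%s: %s\n' "$(basename "$f")" "$(lsm_status "$f")"
done
```

Run it against a real kernel tree with `lsm_status /usr/src/linux/.config` (path is an assumption) to see which of the three situations the build is in before loading either LSM.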



This archive was generated by hypermail 2b28 : Thu Dec 30 2004 - 18:26:54 EET