Re: [linux-audio-dev] LSM: Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation


Subject: Re: [linux-audio-dev] LSM: Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation
From: Hans Fugal (hans_AT_fugal.net)
Date: Thu Dec 30 2004 - 19:28:44 EET


I was actually working with the 0.8.5 tarball outside of the kernel.
There doesn't seem to be any problem with SECURITY_CAPABILITIES=n when
using the realtime-lsm 2.6.10 patch. (Again, I built but didn't reboot
to test)

On Thu, 30 Dec 2004 at 10:20 -0600, Jack O'Quin wrote:
> Hans Fugal <hans_AT_fugal.net> writes:
>
> > On Wed, 29 Dec 2004 at 11:07 +0100, Frank Barknecht wrote:
> >> Hello,
> >> Fernando Lopez-Lezcano hat gesagt: // Fernando Lopez-Lezcano wrote:
> >>
> >> > Why I think this is a yes. Any kernel that wants to use the realtime-lsm
> >> > will have to either not build the POSIX capabilities lsm, or build it as
> >> > a module. In the latter case the system will be vulnerable. The
> >> > realtime-lsm does not depend on the POSIX capabilities lsm but it forces
> >> > you to build it as a module,
> >>
> >> I don't understand: Why does it do so? Shouldn't this be "fixed" in
> >> the realtime-lsm then?
>
> Actually, the bug is not in either. The "fix" is in security/dummy.c.
>
> > Someone please correct me if I'm wrong, but it just looks like a case of a
> > simplistic check. It doesn't look like realtime-lsm really depends on
> > posix capabilities being compiled as a module, but on posix capabilities
> > not being compiled in. So I'm going to try this patch (it builds, we'll
> > see if it works fine, but I suspect it will):
>
> The actual source code is in security/Kconfig...
>
> config SECURITY_REALTIME
>         tristate "Realtime Capabilities"
>         depends on SECURITY && SECURITY_CAPABILITIES!=y
>         default n
>         help
>           This module selectively grants realtime privileges
>           controlled by parameters set at load time or via files in
>           /sys/module/realtime/parameters.
>
>           If you are unsure how to answer this question, answer N.
>
> The reason for this check is that realtime-lsm does not work when the
> capability LSM is installed built-in (i.e. not as a module). I am not
> a wizard at Kconfig. Perhaps someone more skilled in this area can
> explain what to do. Note that capability is not needed when realtime
> is installed.
> --
> joq
>

-- 
 .O.  Hans Fugal            | De gustibus non disputandum est.
 ..O  http://hans.fugal.net | Debian, vim, mutt, ruby, text, gpg
 OOO                        | WindowMaker, gaim, UTF-8, RISC, JS Bach
---------------------------------------------------------------------
GnuPG Fingerprint: 6940 87C5 6610 567F 1E95  CB5E FC98 E8CD E0AA D460
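An added check, not part of this thread or of the realtime-lsm project: a small POSIX sh script that reads a kernel .config and reports which of the three cases discussed above it represents (capability LSM built in, built as a module, or not built). It assumes the standard `CONFIG_<SYMBOL>=value` / `# CONFIG_<SYMBOL> is not set` layout of a .config file and the symbol names `SECURITY_CAPABILITIES` and `SECURITY_REALTIME` quoted in the thread; the sample .config contents are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the thread). Exit status of check_lsm_config:
#   0  capability LSM not built: the configuration Hans reports as working
#   1  capability LSM built as a module: the exposed case Fernando describes
#   2  capability LSM built in (=y): realtime-lsm is excluded by its Kconfig

# Print the value of CONFIG_<symbol> from a .config file.
# Prints "n" when the option is absent or appears as "is not set".
# $1 = path to .config, $2 = symbol name without the CONFIG_ prefix
kconfig_value() {
    val=$(sed -n "s/^CONFIG_$2=//p" "$1" | tail -n 1)
    if [ -z "$val" ]; then
        echo n
    else
        echo "$val"
    fi
}

# Classify the capability LSM / realtime-lsm combination in a .config.
check_lsm_config() {
    caps=$(kconfig_value "$1" SECURITY_CAPABILITIES)
    rt=$(kconfig_value "$1" SECURITY_REALTIME)
    case "$caps" in
        y)
            echo "SECURITY_CAPABILITIES=y: realtime-lsm cannot be selected (SECURITY_REALTIME=$rt)"
            return 2 ;;
        m)
            echo "SECURITY_CAPABILITIES=m: capability LSM is a loadable module (exposed case, SECURITY_REALTIME=$rt)"
            return 1 ;;
        *)
            echo "SECURITY_CAPABILITIES not built; SECURITY_REALTIME=$rt"
            return 0 ;;
    esac
}

# Constructed sample .config so the script runs stand-alone; replace the
# path with /boot/config-$(uname -r) or /usr/src/linux/.config on a real box.
sample=${TMPDIR:-/tmp}/lsm_check_sample.$$
printf 'CONFIG_SECURITY=y\nCONFIG_SECURITY_CAPABILITIES=m\nCONFIG_SECURITY_REALTIME=m\n' > "$sample"
check_lsm_config "$sample" || echo "status $?"
rm -f "$sample"
```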


This archive was generated by hypermail 2b28 : Thu Dec 30 2004 - 19:38:29 EET