Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: [RFC PATCH] newrole suid breakdown
From: Steve Grubb <sgrubb_at_redhat.com>
Date: Thu, 5 Oct 2006 17:48:06 -0400
There is a library function get_auditfail_action where admins can say what the expected behavior should be. There is a man page for it. However, why would sending an audit message fail? newrole is setuid, that's why I did a code review last winter...and we can do another code review if people still aren't sure. pam is already used in several setuid programs, so I hope that is not the issue.
> It would be possible to add a check to make sure that either we have
> or euid=0 or something, but I'm not really fond of that. By checking euid, you are really hoping that 0 has CAP_AUDIT_WRITE, so why not check the capability since that's what matters.
> RedHat: is there going to be a scenario where you are sending out this No.
> If so, we can probably do the euid check and if euid is non-zero, we Me neither.
> Is there no sane way to check if an app is suid? Because this would I don't think checking suid is the right thing. Checking the capability is. -Steve -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Thu 5 Oct 2006 - 17:47:16 EDT |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |