Posix file capabilities
robert at linuxfromscratch.org
Mon Jan 28 17:36:31 PST 2008
Posix file capabilities are now implemented in linux-2.6.24. Basically, file
attributes can be used to give programs root's capabilities. Before, we only
had capabilities for processes. File capabilities are much easier to
implement. This is like partial suid-root, and is a bit better than dropping
root, or using access controls on root, because full root power is never
activated. Access controls can still be used in conjunction. All of this
prevents privilege escalation.
After installing the Attr package, PAM, libcap-2, and rebooting linux-2.6.24
with the CONFIG_SECURITY_CAPABILITIES, CONFIG_SECURITY_FILE_CAPABILITIES,
CONFIG_EXT2_FS_POSIX_ACL and CONFIG_EXT2_FS_SECURITY kernel options (there
are similar options for ext3 and reiserfs), and then following:
I got /bin/ping working without suid-root. It's very straightforward to set
up on an existing system.
The caps module is now built into the kernel (non-optional) for filesystem
support to work dependably.
We can use this with any program that runs as root, like klogd, etc., to give
it the least possible capabilities.
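As an added illustration (not part of this post or of the LFS/HLFS books): the file attribute the kernel reads for this is the security.capability xattr, and decoding it is a handy least-privilege audit, e.g. confirming that a ping binary carries only cap_net_raw and nothing more. The capability numbers follow the kernel's bit order; the sample xattr bytes are constructed by hand, and excess_caps assumes a Linux host with xattr support.

```python
"""Decode the security.capability xattr behind POSIX file capabilities: a
little-endian u32 magic_etc, then permitted/inheritable u32 pairs (one pair
for revision 1, two for revisions 2 and 3)."""
import os
import struct

# Capability names in kernel bit order: index n is CAP_* number n.
CAP_NAMES = [
    "cap_chown", "cap_dac_override", "cap_dac_read_search", "cap_fowner", "cap_fsetid",
    "cap_kill", "cap_setgid", "cap_setuid", "cap_setpcap", "cap_linux_immutable",
    "cap_net_bind_service", "cap_net_broadcast", "cap_net_admin", "cap_net_raw",
    "cap_ipc_lock", "cap_ipc_owner", "cap_sys_module", "cap_sys_rawio", "cap_sys_chroot",
    "cap_sys_ptrace", "cap_sys_pacct", "cap_sys_admin", "cap_sys_boot", "cap_sys_nice",
    "cap_sys_resource", "cap_sys_time", "cap_sys_tty_config", "cap_mknod", "cap_lease",
    "cap_audit_write", "cap_audit_control", "cap_setfcap", "cap_mac_override",
    "cap_mac_admin", "cap_syslog", "cap_wake_alarm", "cap_block_suspend", "cap_audit_read",
    "cap_perfmon", "cap_bpf", "cap_checkpoint_restore"]
VFS_CAP_FLAGS_EFFECTIVE = 0x00000001  # the "e" in "cap_net_raw=ep"

def mask_to_names(mask):
    """Expand a capability bitmask into cap_* names, lowest bit first."""
    return [CAP_NAMES[i] if i < len(CAP_NAMES) else f"cap_{i}"
            for i in range(64) if mask >> i & 1]

def decode_vfs_cap(data):
    """Parse raw security.capability bytes into named capability sets."""
    (magic,) = struct.unpack_from("<I", data, 0)
    revision = magic >> 24
    if revision not in (1, 2, 3):
        raise ValueError(f"unknown vfs_cap_data revision {revision}")
    permitted = inheritable = 0
    for i in range(1 if revision == 1 else 2):  # low word, then high word
        p, inh = struct.unpack_from("<II", data, 4 + 8 * i)
        permitted |= p << (32 * i)
        inheritable |= inh << (32 * i)
    return {"revision": revision, "effective": bool(magic & VFS_CAP_FLAGS_EFFECTIVE),
            "permitted": mask_to_names(permitted), "inheritable": mask_to_names(inheritable)}

def excess_caps(path, allowed):
    """Least-privilege check: caps on `path` outside `allowed`; None when the
    file has no security.capability xattr (unset, or still plain suid-root)."""
    try:
        raw = os.getxattr(path, "security.capability")
    except OSError:
        return None
    caps = decode_vfs_cap(raw)
    return sorted(set(caps["permitted"] + caps["inheritable"]) - set(allowed))

# Constructed sample: what `setcap cap_net_raw=ep /bin/ping` stores (revision 2).
SAMPLE_PING_XATTR = bytes.fromhex("01000002 00200000 00000000 00000000 00000000")
```

Run `excess_caps("/bin/ping", {"cap_net_raw"})` on a live system: an empty list means the binary has exactly the one capability the post gives it, and None means it has no file capabilities at all, so check for the suid bit instead.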