robert at linuxfromscratch.org
Thu Oct 2 21:39:01 PDT 2008
On Friday October 3 2008 12:12:15 am Robert Connolly wrote:
> Another suid-root dropped:
> chmod -s /bin/su
> setcap CAP_DAC_READ_SEARCH,CAP_SETUID,CAP_SETGID=ep /bin/su
/bin/su seems to want to reset the gid, and probably the uid, of /etc/shadow,
according to strace.
Regardless of the comments in /usr/include/linux/capability.h, it looks like
CAP_DAC_READ_SEARCH allows writing to /etc/shadow.
If I remove CAP_DAC_READ_SEARCH, and make /etc/shadow group
read/writable, /bin/su works. Each has pros and cons, and I don't know which
This might be a bug in CAP_DAC_READ_SEARCH... somehow FOWNER was mixed in.
Opinions, debug help?