capabilities and privilege escalation

Robert Connolly robert at linuxfromscratch.org
Mon Aug 22 23:28:02 PDT 2011


On Monday 22 August 2011 18:46:54 Kevin Day wrote:
> In the case of /etc/shadow, this means that there should not be a
> single file containing everybodies password.
> Instead, a separate directory (example: /etc/shadow.d) should exist
> with each person able to access the shadow file to their own
> passwords.
> 1) no root access needed to login or otherwise alter password
> 2) the user has control over their own password via a group or owner
> permission The downsides are:
> 1) The program reading the password must then always sanitize the
> read-in password data as it is now considerred unsafe input.
> 2) no software currently exists to read this (thus patching of
> shadow-utils is required). While I will probably do this myself for my
> system, I don't have the time right now nor do I see any reason for
> you to do this just because I believe its the better alternative.
> 3) There may be a size/performance penalty of having multiple files.
> 4) It makes it easy for a user to mess themselves up.

This pretty much exists in Owl Linux:
http://www.openwall.com/tcb/

robert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20110823/f1a4fe27/attachment.sig>


More information about the hlfs-dev mailing list