root and capabilities list
ds
1000hz.radiowave at gmail.com
Tue Oct 14 18:44:26 UTC 2014
On 14.10.2014 22:37, Martin Pitt wrote:
> Ah, how does that work? I'm not aware of an ELF/kernel feature which
> allows doing that, this sounds interesting?
https://www.insecure.ws/2013/12/17/lesser-known-tool-of-the-day-getcap-setcap-and-file-capabilities/
> Note that at least CAP_SYS_MODULE is equivalent to root (as you can
> load any local .ko which can then provide you with a backdoor into the
> kernel),
I guess you have to put the .ko file at a protected place of filesystem
for it to get loaded. And maybe it would even require recompiling kernel
with your .ko in mind. I am not sure how it works. I only use ubuntu for
a month now.
> If open and read on them is additionally protected by CAP_SYS_RAWIO,
> then world-readability should not hurt indeed (note that I haven't
> verified this). Martin
Trust me. Tried already.
More information about the Ubuntu-devel-discuss
mailing list