[ubuntu-hardened] Removing SUID on binaries that don't need it

John Richard Moser nigelenki at comcast.net
Thu Nov 29 23:24:55 GMT 2007



Phillip Susi wrote:
> Scott James Remnant wrote:
>> The other process owned by the user that ptraced you, and made you skip
>> the syscalls that dropped your caps.
> 
> You can't ptrace suid programs.
> 

  - You can if you're root

  - Nobody cares, you're root already

  - If you're using SELinux, it shouldn't let you ptrace across contexts

  - If you can, somebody needs to fix your policy

  - You have no caps to drop if you're not root (via SUID or other)

I think that covers about everything.  There's a lot of "well this 
situation lets you get away with it" that ends something like "... but 
you own the box already anyway."


-- 
Bring back the Firefox plushy!
http://digg.com/linux_unix/Is_the_Firefox_plush_gone_for_good
https://bugzilla.mozilla.org/show_bug.cgi?id=322367
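The exchange above turns on two kernel behaviours: a setuid process is marked non-dumpable at exec, so an unprivileged process with the same uid cannot ptrace it, and a privilege drop is only as good as the saved ids it leaves behind. The following is an added example, not code from the thread or from Ubuntu; the function names are my own. It drops to a target uid/gid, confirms from /proc/self/status that real, effective, saved and filesystem ids all changed (a saved uid of 0 is what lets a process climb back), re-sets the non-dumpable flag with prctl(2) so the process stays unptraceable by same-uid peers after the drop, and reports Yama's ptrace_scope where that LSM is present.

```c
// Added example (not from the thread): check-your-work privilege dropping and
// ptrace hardening on Linux. Function names are my own, not a library API.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/prctl.h>
#include <grp.h>

/* Read the "Uid:" or "Gid:" line of /proc/self/status into out[4]
 * (real, effective, saved, filesystem). Returns 0 on success, -1 otherwise. */
static int read_status_ids(const char *key, long out[4]) {
    FILE *f = fopen("/proc/self/status", "r");
    char line[256];
    int found = -1;
    if (!f) return -1;
    while (fgets(line, sizeof line, f)) {
        if (strncmp(line, key, strlen(key)) == 0 &&
            sscanf(line + strlen(key), "%ld %ld %ld %ld",
                   &out[0], &out[1], &out[2], &out[3]) == 4) {
            found = 0;
            break;
        }
    }
    fclose(f);
    return found;
}

/* Drop to uid/gid permanently. As root, setgid()/setuid() set the real,
 * effective and saved ids at once. Order matters: supplementary groups and
 * gid first, while we still have the privilege to change them, then uid.
 * Returns 0 on success, -1 on error. */
int drop_privileges(uid_t uid, gid_t gid) {
    if (geteuid() == 0 && setgroups(0, NULL) != 0) return -1; /* root only */
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;
    return 0;
}

/* Confirm every id (real, effective, saved, fs) equals the target.
 * A saved id left at 0 is exactly what a later setuid(0) would use. */
int privileges_dropped(uid_t uid, gid_t gid) {
    long u[4], g[4];
    if (read_status_ids("Uid:", u) != 0 || read_status_ids("Gid:", g) != 0)
        return 0;
    for (int i = 0; i < 4; i++)
        if (u[i] != (long)uid || g[i] != (long)gid) return 0;
    return 1;
}

/* Mark the process non-dumpable. The kernel clears this flag when a setuid
 * binary starts, but a later credential change can set it again, and a
 * dumpable process may be ptraced by any process with the same uid (subject
 * to Yama's ptrace_scope). Returns the flag as the kernel now reports it. */
int set_non_dumpable(void) {
    if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) != 0) return -1;
    return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
}

/* Read kernel.yama.ptrace_scope (0..3); -1 if Yama is not available. */
int yama_ptrace_scope(void) {
    FILE *f = fopen("/proc/sys/kernel/yama/ptrace_scope", "r");
    int scope = -1;
    if (f) {
        if (fscanf(f, "%d", &scope) != 1) scope = -1;
        fclose(f);
    }
    return scope;
}

int main(void) {
    /* Unprivileged run: "dropping" to our own ids still exercises the checks. */
    uid_t uid = getuid();
    gid_t gid = getgid();
    if (drop_privileges(uid, gid) != 0) { perror("drop_privileges"); return 1; }
    printf("all ids match target: %s\n", privileges_dropped(uid, gid) ? "yes" : "no");
    printf("dumpable after prctl: %d\n", set_non_dumpable());
    printf("yama ptrace_scope:    %d\n", yama_ptrace_scope());
    return 0;
}
```

Run as root with a real target uid/gid to see the full drop; run as an ordinary user it degrades to a self-check. The /proc/self/status parse is the part worth keeping in a real program: getuid()/geteuid() alone cannot see the saved uid, and that is the id an incomplete drop leaves behind.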