Erik ROSSEN proposes the following URL http://lwn.net/2000/0629/a/linuxcap1.php3 which discusses some of the underlying flaws in the Linux capability model. Capabilities, like privileges on older operating systems such as VMS, allow root powers to be broken up into classes (raw I/O, ability to run programs, etc.).

I extend this discussion by saying this: It's not really a vulnerability, it's a bit like privileges on VMS: if you have raw device I/O you can do whatever you want, whatever the current OS is. And the kmem-loading of modules has been known for a long time (since someone upgraded their kernel without rebooting, a long time ago :))

The first step in securing a system is to prevent /dev/kmem access, and raw device access. Then it's preventing loading modules, and then you can play with capabilities.

Capabilities are however very useful to run a process as a normal user, say wwwrun, and still let it bind to privileged ports, without having to drop root and all the ugly things you still have to do nowadays.
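An added example, not part of the original post: a small audit of the text of /proc/<pid>/status that decodes the capability masks and reports whether a process still holds the raw I/O or module-loading capabilities the post says to remove first, and whether it matches the wwwrun case (non-root, only the privileged-port capability). The two status samples are constructed, and the function and field names in the result are this example's own.

```python
import re

# Bit numbers from <linux/capability.h>.
CAP_BITS = {"CAP_NET_BIND_SERVICE": 10, "CAP_SYS_MODULE": 16, "CAP_SYS_RAWIO": 17}
ROOT_EQUIVALENT = {"CAP_SYS_MODULE", "CAP_SYS_RAWIO"}

def names(mask):
    """Decode a capability bitmask into the names tracked above."""
    return {n for n, bit in CAP_BITS.items() if (mask >> bit) & 1}

def audit(status_text):
    """Audit the text of /proc/<pid>/status for one process."""
    fields = dict(re.findall(r"^(\w+):[ \t]*(.*)$", status_text, re.M))
    euid = int(fields["Uid"].split()[1])          # real, effective, saved, fs
    eff_mask = int(fields.get("CapEff", "0"), 16)
    bnd_mask = int(fields.get("CapBnd", "0"), 16)
    return {
        "euid": euid,
        "effective": sorted(names(eff_mask)),
        # Held right now: raw device I/O or module loading.
        "root_equivalent_now": sorted(names(eff_mask) & ROOT_EQUIVALENT),
        # Still obtainable later (e.g. via a setuid-root exec) if left in the bounding set.
        "root_equivalent_in_bounding_set": sorted(names(bnd_mask) & ROOT_EQUIVALENT),
        # The wwwrun case: non-root, and the only effective capability is bit 10.
        "unprivileged_port_binder":
            euid != 0 and eff_mask == 1 << CAP_BITS["CAP_NET_BIND_SERVICE"],
    }

# Constructed sample: web server running as uid 30 with only CAP_NET_BIND_SERVICE.
WWWRUN_STATUS = (
    "Name:\thttpd\nUid:\t30\t30\t30\t30\n"
    "CapPrm:\t0000000000000400\nCapEff:\t0000000000000400\n"
    "CapBnd:\t0000000000000400\n"
)
# Constructed sample: root daemon that kept module loading and raw I/O.
LOOSE_STATUS = (
    "Name:\tdaemon\nUid:\t0\t0\t0\t0\n"
    "CapPrm:\t0000000000030400\nCapEff:\t0000000000030400\n"
    "CapBnd:\t000001ffffffffff\n"
)

if __name__ == "__main__":
    for label, text in (("wwwrun", WWWRUN_STATUS), ("loose", LOOSE_STATUS)):
        print(label, audit(text))
```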
