>On Sun, Jul 05, 2009 at 06:37:18AM -0500, Nicolas Williams wrote:
>> Are you saying that there's now a way to separately specify privileges
>> to "force" on exec() beyond what the process has in its limit set, or
>> that the kernel grants less than "full privilege" (currently euid == 0 +
>> oE = oP = L) to processes exec()ing set-uid programs for which there
>> exist exec_attr(4) entries?
>>
>> If the former then I'd expect there should be more details. If the
>> latter, then, does that apply regardless of whether PRIV_PFEXEC is set?
>
>And if the latter, what happens when exec()ing set-uid programs without
>matching exec_attr(4) entries? Is there any way to apply a wildcard
>rule to grant not privileges to processes running set-uid programs not
>listed in exec_attr(4)?
The current implementation leaves the semantics of a set-uid root executable without an exec_attr entry unchanged.

Casper