![[LWN Logo]](/images/lwn.banner.gif)
Date: Fri, 30 Apr 1999 23:34:25 +0200
From: Pavel Machek <pavel@bug.ucw.cz>
To: linux-kernel@vger.rutgers.edu, y2k@y2ker.com, jeremy@goop.org
Subject: Capabilities: ALPHA time
--yrj/dFKFPuw6o+aM
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=mutta00342
Hi!
Capabilities reached state where they are actually usefull. (I was
able to lower permissions for programs like ping and rlogin). There
are still some problems with headers (I include
/usr/src/linux/include/linux/capability.h directly -- that's ugly),
and there are problems with applications which do getuid() and then
print failed - must be run as root when they actually do not need root
at all (fping). Diff against kernel follows, and diff against
http://www.goop.org/~jeremy/elf-caps.html follows, too (Jeremy, please
apply at least parts which look clean to you).
Pavel
PS: I'd like this "obviously right" patch go in as soon as possible
[well perhaps modulo "FLE" ugliness and modulo one printk], so please
take a carefull look.
--- clean/include/linux/elf.h Thu Jun 25 17:38:14 1998
+++ linux/include/linux/elf.h Mon Apr 19 22:11:31 1999
@@ -496,6 +496,39 @@
Elf32_Word n_type; /* Content type */
} Elf64_Nhdr;
+/* Capabilities support
+ */
+struct elf_capabilities {
+ Elf32_Word signature;
+ Elf32_Word version; /* Currently 0, this is so that you can append on the end painlessly */
+ Elf32_Word flags;
+#define ECF_MAKE_EUID_UID 1
+#define ECF_MAKE_EUID_XUID 2
+ Elf32_Word xuid;
+ Elf32_Word effective;
+ Elf32_Word effective1;
+ Elf32_Word effective2;
+ Elf32_Word effective3;
+ Elf32_Word permitted;
+ Elf32_Word permitted1;
+ Elf32_Word permitted2;
+ Elf32_Word permitted3;
+ Elf32_Word inheritable;
+ Elf32_Word inheritable1;
+ Elf32_Word inheritable2;
+ Elf32_Word inheritable3;
+ Elf32_Word known;
+ Elf32_Word known1;
+ Elf32_Word known2;
+ Elf32_Word known3;
+};
+
+struct elf_capabilities_note {
+ Elf32_Nhdr notehdr;
+ __u32 note_signature; /* == "CAPS" */
+ struct elf_capabilities cap;
+};
+
#if ELF_CLASS == ELFCLASS32
extern Elf32_Dyn _DYNAMIC [];
--- clean/fs/binfmt_elf.c Fri Mar 26 17:46:23 1999
+++ linux/fs/binfmt_elf.c Fri Apr 30 22:59:40 1999
@@ -7,6 +7,7 @@
* Tools".
*
* Copyright 1993, 1994: Eric Youngdale (ericy@cais.com).
+ * Capabilities copyright 1999 Pavel Machek (pavel@ucw.cz).
*/
#include <linux/module.h>
@@ -425,8 +426,11 @@
retval = -ENOEXEC;
/* First of all, some simple consistency checks */
- if (elf_ex.e_ident[0] != 0x7f ||
- strncmp(&elf_ex.e_ident[1], "ELF", 3) != 0)
+ if (elf_ex.e_ident[0] != 0x7f)
+ goto out;
+
+ if (strncmp(&elf_ex.e_ident[1], "ELF", 3) &&
+ strncmp(&elf_ex.e_ident[1], "FLE", 3))
goto out;
if (elf_ex.e_type != ET_EXEC && elf_ex.e_type != ET_DYN)
@@ -473,6 +477,35 @@
end_data = 0;
for (i = 0; i < elf_ex.e_phnum; i++) {
+ if (elf_ppnt->p_type == PT_NOTE) {
+ struct elf_capabilities_note note;
+
+ retval = read_exec(bprm->dentry, elf_ppnt->p_offset,
+ (void *) ¬e,
+ sizeof (struct elf_capabilities_note), 1);
+ if (retval<0)
+ goto out_free_ph;
+ if (note.note_signature != be32_to_cpu(0x43415053)) /* "CAPS" */
+ continue;
+
+ retval = -ENOEXEC;
+ if (note.cap.signature != 0xca5ab1e) {
+ printk( "signature = %x, version = %x, header @ %x\n", note.cap.signature, note.cap.version, elf_ppnt->p_offset );
+ goto out_free_ph;
+ }
+ if (note.cap.flags & ECF_MAKE_EUID_UID) /* You may want to loose owner's uid */
+ bprm->e_uid = current->uid;
+ if (!bprm->e_uid) { /* We only honour random uid changes for root */
+ if (note.cap.flags & ECF_MAKE_EUID_XUID)
+ bprm->e_uid = note.cap.xuid;
+ }
+ cap_mask( bprm->cap_effective, note.cap.effective );
+ cap_mask( bprm->cap_permitted, note.cap.permitted );
+ cap_mask( bprm->cap_inheritable, note.cap.inheritable );
+
+ printk( KERN_DEBUG "Now: uid = %d, effective = %x, permitted = %x, inheritable = %x\n", bprm->e_uid, bprm->cap_effective, bprm->cap_permitted, bprm->cap_inheritable );
+
+ }
if (elf_ppnt->p_type == PT_INTERP) {
retval = -EINVAL;
if (elf_interpreter)
--
I'm really pavel@atrey.karlin.mff.cuni.cz. Pavel
Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).
--yrj/dFKFPuw6o+aM
Content-Type: application/x-gzip
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="delme.gz"
H4sICCEhKjcAA2RlbG1lAJ1ZeXPaShL/W3yKNiknnAZ8G5KsCcYxGwwuDC95lU1RQhqBXoRE
6fCVOJ99u2dGF4LEu64EzUz/uqenp48ZaWhbj2DawCxDU1dNUHXddnyW003DgGogx/ccw9Rq
kranydF4IFetVjdDlVvVh/bKhf1D2D9oHp4090+gcXZ2liuXyxk5yqVrcvRBndD7x836gUCf
n0O1UTmEMv2cn+eqtVKuXCvB7/8KC/ZYAbZUNa8C/sL0AP9VS1WwTDt4qGq8vXR0VswBlKCt
66DCzXg6GI674LH5ktk++A6oNnT7l8AemBb46sxiBOcsYyl05TLff4Q5s5lraoCL9hcMRZOE
CswCH0wfgbbPbJ3pJHPGOERzXAaOwRd4UjmG8kmlcUIrjKR7juHfq4jC9oyZ9hxcZjHVQzEB
CnO5mI+DCdwEMwvn7psaszW2F+nYcVaPrjlf+NyUFfg3c9nyES5N/2mhujpKZPD2Hz54Pncc
3EJ3/j5X3sB5o94xC65VbcG+w9sV9c4D7X5Pe3oPhd6bOwa4jwtSUZ2rpu350P9404dmtUji
cuVceeyg7XEct12dmZbpm4y2xn1sEvVV6H9QtaA2M+3aCoVJPo/5aGZn7qpLMBwX3MC2aSrb
sauu4/jcyg75s8HuUxOAq5porgoEHkNzLpnQ0TK/s7VZNRh0x9NR+zNUPT2lARqyloMcvDJt
zQp0tJjn66azt3jPt26/XjmF8kGj0qjzzUvAHr3aSkWlCbo27vmqz4dz1ZiAQUFj5WgkXws8
t+a5Wo27bU2Oy1600Me9Rf7FXHySPE5cfqUzw7QZDIbTwdXFKKFinmziCRiOGgiEi+6HyUcR
jYfcXRvH9Urj4IAvWsEgCFxMJgvdbeXgmcSjywMzDKb5JrrHO6hXYMXcpen76L+8a9oLjBke
VjjwC0cMS517ghiYHPVwWj85Yict2q47B8dw1VMebKrPCp7vBppP2WSa2vYS9tDzfuTKCraq
7z1zbquoIdfjQVOP1FmDtULqHXM907GJFo0lNY/aETW5kKgdUdPrSvQiRLhO/oxGH8Sa8ReH
nmnFmOcaQAmZFoTRj8nGw7ziwQJjExNAatH+ArOVE7hwp7omTeeR5/J9IKNpzhK98UU2Mw0o
rNltJ2E4RCnhjjdaSXxoSUJvR8W2fQ2/os52fGxtxEed7fik/ZEj0d3IIzYDgfHWZHCyXQ83
RhqR7KozTwNuNTS0HSz5dmJ6hZKtLmnLn1ubOKhBAO/rN9xz4v8BnfbNtHM1/DyoQJ4/8/Bc
iSgX7c50+Fd3NOpddBGQ7GZwo277YnrbbY86VxKaGEmhL3Ga7ghBopGm3XbHvQui8cYabXrd
vv3EibyVon7q9ftIogeNKwp68hF3RwlAgR+5aNFIMePQJKRNsrQbfAoitVLUfm8w+TLtXV9P
xu0PfbLS2kgKTRn/Q29AZhn91esQfH2IK09RWE8qz1GjYfui074dh1xhPzNF++K6N5Ao3s4g
sOxIOrZS1N5NZ9ofdsjMYTNDDzcwakdKpy3+N+7T8GLCzRJ30tbFYVShN5QQ3s4gOlej4XAs
IaKTwdyMR+1OOJPoZDHtTicUw9uh4vv1dcVDG0btjLAPsUofNik06EXqDHoblBl1b4eTUYQJ
uxncuHcdYqgZefd+xtjj8d/TznBw2fsY4qOBSCoWusGk38eKKdNEmK3xIIen0wJ1TZmV1zNI
aYWJI0ojnFtZuchhFCC/Wz99UPJYY6EoKJTpTHhHiRlkNovABTxJseJ/7DwHx9BfG7A7O+1+
f2cnBCfn/Cr57xcmZt4CJlPSrMiTmxT6GgqNt2+JEiyLPMuG7PldD1DfkInkKKtymZ7PcQKO
5voWKvCcOhlw+ktKXCSIjvedBKiZMsOfqmAkBmCm6hAhm8ruAwqqwJoALjjBJAsmwvUYHlbR
dXBUKpsKqZj0E1grrOusUdXcxhrX2HXWRPncxpwsuOvs323n3t7GyIkZFl6C0xYUNXodiCel
ppLC8SNU5BZhMOmMzymqshcecpDo8rh5UWQhFAcR6TtWAW8uUlqpSPFbwagKXQaByeODGwrY
GhU7KFTDW522XJHgECCiQ0pJRM2WyBDzpKMBL05TbuKXRMRLjLBxDYmd/PkOIkXX9CTN6BoM
S7wf8rymunMNt02YETt3eBf/gXcJnvPw8u664kTO7xzHZ3Q7Lh/Uzyr7Z+LO4RjG1Kd7J8NW
KzXgPcV9J/BnaN2W3HK6hE75ZZFfM+SpODGi4x3bxwFLF9ODQndPWi/2Sc2v9W8turgJaxQo
VeL133dWfkEsiUCY8vPFIiWMakPY6Q9orcmaq6bZDJqe5egpXlAU7970tUXBjEyO99k32psm
lhBurhaYcrekr6N8FCycRVHixIA7hOA42kV/5jL1e4uqUCiboewU1wbZki1mWiFTSvRLmExk
4sUheWsStSd9karLxSRHXzhHgHOIy5XqO2aME2kFhXQ7l3iI/dSddvHAOf2CP1khHgrZwrAR
byE+6W2NLMRByJoHbkDpiEp5ZYxB18DLuRpYfpPaCgYNRRw28Q5O/yme0LgUTD9/8pAjv0ID
mLZe5t5VVRRD5lTP1xGIzjjx1DlrApZk9sDI9SnDkkK/QX6tMvjyDR8r8TDFI6AsTQ3PWuAz
KQ949RexVeRKx1cuUp6/Xmk0KhT3xwcV8XIs9BXdJS+h5Ftc48QVeVJNkjwLDNRz19uz2T2W
CakAj4xNsF0vBiWTwb/y+WaeyyBVeZpacSWg0LWMg/3pDfVKRdRtqa7KXEOsyNPVAtMQZ+HL
OTjhr4tOMY0d8/WgJMNxC/wt1DuRvFr8QftEy5M9QcPMyh58vmKyA1UOrBqSwjXG0+egfd0t
8qMevH5N+0tvRAXGf1zx6OqMpwi85TVmO1Ukm2SlTJx4hpaeev8QH5x4SZBHMSFYV31VkkQd
Tb6QyECSVTQx4RUesK6y7z0S0zLLYxuYLOd+Ow8/5SVCUM7KHkyfK0GFjxw1Dsrn8GyY5BKm
iqZtW9amF5HxvFx+g7efFUVKjLJFMYLUQ29DsvAD6fSiLkjXWKqW5WgFz3zCWlgo0WixKCrn
/tFhpXEM5cN9fB7FIZSwOgkyXLa2ExRHtdL/9lfL8ABe02FyQ255C1fdURc28CBXPHVmOfHB
xKNFJbHeE53JsrAWl7lkSzwBJVaFx7QHFX+TAiT2/1gp7tGftV4/cRX5lv92BRkW4pg9MddJ
LWVtEaFQEcNhCItjW+qd6Vq4pc+JG4gb4xhdRpyzwpyFK+AYT/hr8qWxIvwQUx654dFppSFf
Gsv6JE9wZAc2n5IjeitVYwXsUUBU5IkucY+Ns3IxPEQHtmXa38NMzrNfePDaULV2vSY6iv2G
8trSwQMO1VWDzrZE2fXCchfXJ9QiLBK4TSgFczb+2k4xymvx28JE4S3g8dOgmu2smB0XmuF0
dPF59HM4HY8mgw4+O6Nue1wrYav7pdMv1WiaPcwG/BtVYjnw29VomKQwIfhsucosZ7j5g9+e
tue45vw3ZJf9s536ayvJyVDwqQfL1bZx5Nj08VF+iwg/Gcpu5sOjHF//7HjaPDrNfHYMscmP
jo1m46R5dBJ/dDyjc8eZPHXUStC2Uecq/2rHsy59FZIRy/u0N8l+iSo1pSvNoe9hqVfCqRfE
4sZDcRu2RVBTj1/lStSX96CzyhmU8Vd+beLvnHE2Yxm99RCThxcr+sriU0ymVcNfrF0e3okT
ynFsJY3k4VzGcLYpnqNPRaQtDUgsrV2cgj47rq7Y4s741KIXYwO6OVF+4BZLw+iiKWEdhz6R
+tuQ3DxKEsgTHQGfQSAH/OMTpuVXzEZHyriZ3PWsxwqCk/svw2nrtRMfAAA=
--yrj/dFKFPuw6o+aM--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/