
Do Linux capabilities partition the possible privileged operations?

More precisely: is there any single operation for which more than one capability can be used to grant a process the necessary permission?

The short answer is yes.

I would say the overarching model is that each operation is guarded by a single capability. However, there are certainly exceptions. At a glance through the kernel/ directory, I quickly found one example. The usermodehelper sysctl handler requires both CAP_SETPCAP and CAP_SYS_MODULE capabilities in order to update its settings.

Another factor to consider: capability checks are sprinkled throughout the kernel code, including numerous drivers. A driver writer can choose to check for capabilities in whatever way they deem best so there could well be one that requires the caller to hold multiple capabilities.

Finally, there are numerous other cases where a single operation might potentially use more than a single capability even though it fundamentally requires only one. For example, consider a system call that requires a capability as a base but also takes a pathname argument for some operation. I found an example: the prctl system call with option PR_SET_MM and sub-option PR_SET_MM_EXE_FILE. This call requires CAP_SYS_RESOURCE foundationally. However, it also requires certain permissions to the file. If the calling user doesn't have the right credentials to access the file, however, that permission can be overridden if the caller has the CAP_DAC_OVERRIDE capability.
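As an added example (not part of the original answer), the following Python reads a process's effective capability mask from /proc/<pid>/status and evaluates the two requirement shapes the answer describes: an operation that needs two capabilities at once (the usermodehelper sysctl) and one where a capability substitutes for a failed file-access check (PR_SET_MM_EXE_FILE). The capability bit numbers are those from <linux/capability.h>; the sample CapEff line is constructed, and the access-check outcome is passed in as a boolean rather than evaluated against a real file.

```python
import re

# Capability bit numbers as defined in <linux/capability.h>.
CAP_DAC_OVERRIDE = 1
CAP_SETPCAP = 8
CAP_SYS_MODULE = 16
CAP_SYS_RESOURCE = 24


def parse_cap_eff(status_text):
    """Return the CapEff bitmask parsed from the text of /proc/<pid>/status."""
    m = re.search(r"^CapEff:\s*([0-9a-fA-F]+)\s*$", status_text, re.M)
    if m is None:
        raise ValueError("CapEff line not found in status text")
    return int(m.group(1), 16)


def has_cap(mask, cap):
    """True if capability bit `cap` is set in the effective mask."""
    return bool((mask >> cap) & 1)


def can_write_usermodehelper_sysctl(mask):
    """Conjunction case: the caller must hold BOTH capabilities."""
    return has_cap(mask, CAP_SETPCAP) and has_cap(mask, CAP_SYS_MODULE)


def can_set_mm_exe_file(mask, file_access_ok):
    """Base-plus-override case: CAP_SYS_RESOURCE is always required, and the
    file permission check passes on ordinary DAC access OR CAP_DAC_OVERRIDE."""
    return has_cap(mask, CAP_SYS_RESOURCE) and (
        file_access_ok or has_cap(mask, CAP_DAC_OVERRIDE)
    )


def read_cap_eff(pid="self"):
    """Read the live effective mask of a process (Linux only)."""
    with open(f"/proc/{pid}/status") as f:
        return parse_cap_eff(f.read())


# Constructed sample status text: bits 8, 16 and 24 set
# (CAP_SETPCAP, CAP_SYS_MODULE, CAP_SYS_RESOURCE), but not CAP_DAC_OVERRIDE.
SAMPLE_STATUS = "Name:\tsample\nCapEff:\t0000000001010100\n"

if __name__ == "__main__":
    eff = read_cap_eff()
    print(f"CapEff=0x{eff:x}")
    print("usermodehelper sysctl writable:", can_write_usermodehelper_sysctl(eff))
    print("PR_SET_MM_EXE_FILE (no DAC access):", can_set_mm_exe_file(eff, False))
```

Running the module directly reports the checks for the current process; an unprivileged shell normally has CapEff 0, so both checks print False.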
