
Re: [libvirt] [PATCH 2/5] util: allow using virCommandAllowCap with setuid helpers



> That seems like a kernel flaw - it makes sense that you can't _add_
> capabilities without CAP_SETPCAP, but being unable to _drop_
> capabilities without first acquiring a capability seems backwards.

You cannot add capabilities to the bounding set at all.  It is a
one-way street.

/me learned a lot of things while writing these two patches.

In fact, capng_apply(CAPNG_SELECT_BOUNDS) will never fail, but I
preferred to be conservative in patch 1 just in case this changes
in the future.

> Hmm, this seems like we may want it for 1.0.4

I do not think so, there should not be any cases right now where
unprivileged libvirt calls a setuid helper.

Paolo
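
Added example, not part of the original message or of libvirt: a small C program that uses raw prctl(2) and capget(2) instead of libcap-ng to show the kernel rule discussed above, namely that PR_CAPBSET_DROP is refused with EPERM unless CAP_SETPCAP is effective, and that the bounding set has only read and drop operations. The function names and the choice of CAP_SYS_TIME are assumptions made for illustration.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* for syscall() */
#endif
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/capability.h>

/* 1 if `cap` is in the calling thread's effective set, 0 if not, -1 on error. */
static int effective_has(int cap)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[2];
    if (syscall(SYS_capget, &hdr, data) != 0)
        return -1;
    return (data[cap / 32].effective >> (cap % 32)) & 1;
}

/* Try to remove `cap` from the bounding set.
 * 0 = dropped and PR_CAPBSET_READ confirms it, 1 = refused with EPERM,
 * -1 = any other outcome. */
static int try_bounding_drop(int cap)
{
    if (prctl(PR_CAPBSET_DROP, cap, 0, 0, 0) == 0)
        return prctl(PR_CAPBSET_READ, cap, 0, 0, 0) == 0 ? 0 : -1;
    return errno == EPERM ? 1 : -1;
}

/* 1 if the kernel behaved as described: the drop succeeds exactly when
 * CAP_SETPCAP is effective. prctl(2) offers PR_CAPBSET_READ and
 * PR_CAPBSET_DROP only, so a dropped bit cannot be put back by this thread. */
int bounding_drop_follows_rule(int cap)
{
    int have_setpcap = effective_has(CAP_SETPCAP);
    int result = try_bounding_drop(cap);
    if (have_setpcap < 0 || result < 0)
        return -1;
    return have_setpcap ? result == 0 : result == 1;
}

int main(void)
{
    /* CAP_SYS_TIME is an arbitrary choice for the demonstration. */
    printf("CAP_SETPCAP effective: %d\n", effective_has(CAP_SETPCAP));
    printf("behaviour follows rule: %d\n", bounding_drop_follows_rule(CAP_SYS_TIME));
    return 0;
}
```

Run it once as an unprivileged user and once as root to see both branches; the drop affects only the process that runs the program.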

