On Sat, Dec 06, 2003 at 06:35:45PM -0600, Jack O'Quin wrote:
> I've been experimenting with Torben's LSM for the 2.6 kernel, and the
> realtime group permissions mechanism we discussed.
> Naturally, there are some problems. The worst is that GTK-2 will not
> tolerate the use of setgid...
uhh... i only tested with muse. now this is really bad.
hmm... perhaps we trick the binary by setting the gid back
to the e_gid after enabling capabilities :)
it works... add this to my version:
if( (rtgid != 0) && (bprm->e_gid == rtgid) ) {
+
+ bprm->e_gid = current->gid;
+
bprm->cap_effective = CAP_TO_MASK(CAP_IPC_LOCK) |
CAP_TO_MASK(CAP_SYS_NICE) | CAP_TO_MASK(CAP_SYS_RESOURCE);
bprm->cap_permitted = CAP_TO_MASK(CAP_IPC_LOCK) |
CAP_TO_MASK(CAP_SYS_NICE) | CAP_TO_MASK(CAP_SYS_RESOURCE);
}
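Review bot: the added line bprm->e_gid = current->gid; puts the caller's real gid into e_gid, so a caller whose effective gid differs from its real gid leaves this exec with a different effective group than an ordinary non-setgid exec would give it. If the aim is only to hide the setgid from the program, current->egid looks like the value to restore. The assignment also needs a comment saying that it exists so that toolkits which refuse to run setgid do not see the group change, and that from this point the three capabilities, not the group id, are the only sign that the binary was granted realtime privilege.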
i am not sure what you did to the jack cvs.
i hope you don't check for the realtime group as it won't work anymore :)
caps are enabled silently :)
but i guess you try to get them and revert to the old mechanisms if it fails.
> So, I modified Torben's LSM to check supplementary groups, and this
> seems to work fine. From a system admin perspective it's pretty good.
> I'm a member of group `audio', which was accomplished by adding my
> user ID (joq) to the appropriate entry in /etc/group...
[...]
well this is an alternative but i would be happier to explicitly give
away the DOS privilege to programs, rather than enabling it for my
account.
> For reasons I cannot explain, this works without requiring the
> CAP_SYS_RESOURCE capability, a welcome but unexpected bonus.
very nice indeed. i really wasn't very happy with RESOURCE
> I would appreciate comments, feedback, and bug reports. If you want
> to try it, don't forget that it has received minimal testing. Neither
> I nor anyone else can promise that it will not adversely affect your
> system security or stability. Caveat emptor!
yep...
--
torben Hohn
http://galan.sourceforge.net -- The graphical Audio language