[linux-audio-dev] LSM: Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation

Hans Fugal hans at fugal.net
Thu Dec 30 17:28:44 UTC 2004 

I was actually working with the 0.8.5 tarball outside of the kernel.
There doesn't seem to be any problem with SECURITY_CAPABILITIES=n when
using the realtime-lsm 2.6.10 patch. (Again, I built but didn't reboot
to test)

On Thu, 30 Dec 2004 at 10:20 -0600, Jack O'Quin wrote:
> Hans Fugal <hans at fugal.net> writes:
> 
> > On Wed, 29 Dec 2004 at 11:07 +0100, Frank Barknecht wrote:
> >> Hallo,
> >> Fernando Lopez-Lezcano hat gesagt: // Fernando Lopez-Lezcano wrote:
> >> 
> >> > Why I think this is a yes. Any kernel that wants to use the realtime-lsm
> >> > will have to either not build the POSIX capabilities lsm, or build it as
> >> > a module. In the later case the system will be vulnerable. The
> >> > realtime-lsm does not depend on the POSIX capabilities lsm but it forces
> >> > you to build it as a module, 
> >> 
> >> I don't understand: Why does it do so? Shouldn't this be "fixed" in
> >> the realtime-lsm then?
> 
> Actually, the bug is not in either.  The "fix" is in security/dummy.c.
> 
> > Someone please correct me if I'm wrong, but it just looks like a case of a
> > simplistic check. It doesn't look like realtime-lsm really depends on
> > posix capabilities being compiled as a module, but on posix capabilities
> > not being compiled in. So I'm going to try this patch (it builds, we'll
> > see if it works fine, but I suspect it will):
> 
> The actual source code is in security/Kconfig...
> 
> config SECURITY_REALTIME
> 	tristate "Realtime Capabilities"
> 	depends on SECURITY && SECURITY_CAPABILITIES!=y
> 	default n
> 	help
> 	  This module selectively grants realtime privileges
> 	  controlled by parameters set at load time or via files in
> 	  /sys/module/realtime/parameters.
> 
> 	  If you are unsure how to answer this question, answer N.
> 
> The reason for this check is that realtime-lsm does not work when the
> capability LSM is installed built-in (i.e. not as a module).  I am not
> a wizard at Kconfig.  Perhaps someone more skilled in this area can
> explain what to do.  Note that capability is not needed when realtime
> is installed.
> -- 
>   joq
> 

-- 
 .O.  Hans Fugal            | De gustibus non disputandum est.
 ..O  http://hans.fugal.net | Debian, vim, mutt, ruby, text, gpg
 OOO                        | WindowMaker, gaim, UTF-8, RISC, JS Bach
---------------------------------------------------------------------
GnuPG Fingerprint: 6940 87C5 6610 567F 1E95  CB5E FC98 E8CD E0AA D460
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.linuxaudio.org/pipermail/linux-audio-dev/attachments/20041230/3aea7c4f/attachment.pgp>

More information about the Linux-audio-dev mailing list