Dailydave mailing list archives
Capabilities systems considered harmful
From: dave <dave () immunityinc com>
Date: Mon, 03 Jan 2011 12:31:36 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Spender gave a great talk (while wearing a sombrero) on UNIX capabilities systems back at a conference in Mexico a thousand years ago or so. But he's gone through the work to write a terrific post on the subject, and everyone should read it. The basic theme of a capabilities system is always this: "Which capabilities, alone or combined with another set of capabilities, are equivalent to super-user access?" Normally it's quite a lot of them. ARGUS PITBULL (which LSD-PL owned back in the day and is now out of business, I think) tried this on top of Solaris and Linux, and there are lots of other great examples of them out there. In the Linux case, it's a dire situation. Spender goes into explicit details on them in the post, which is well worth your time. Here is his summary: "That's 18/35 capabilities equivalent to full root, a good start. In older kernels, this would have been 18/30, more than half of all capabilities. " He has a list of some of the ones that are not 100% going to get you super-user access as well. For example: CAP_NET_RAW (can sniff, possibly more, but sniffing alone won't help against encrypted protocols) <--Sniffing localhost may help you do things like spoof against local daemons? CAP_SYS_NICE <--- Can we magically win all race attacks? :> To be honest, it's all right on target. I should just repost the whole thing. - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAk0iB/gACgkQtehAhL0gherAGgCZAQWS2SJA12Q4oHemjQRFSDiz UbkAn0BBigUc+xxwOcH4HBxTH+tTg75c =fhaw -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Capabilities systems considered harmful dave (Jan 03)