From Fedora Project Wiki

Revision as of 17:40, 14 August 2009 by Sgrubb (talk | contribs) (→ Comments)

Feature Wrangler Review

  • Please include a draft release note. Thank you. poelcat 16:11, 24 June 2009 (UTC)

Comments

--Dmalcolm 14:34, 27 July 2009 (UTC) "How to Test" section contains various things to test for to ensure that capabilities are suppressed for the various daemons, but I think it also needs two more sections:

 - that the "normal" functionality of each patched daemon still works
 - that a sysadmin logged in via e.g. ssh is still able to perform his/her "normal" activities
 - Does sudo still work as before? (see https://www.redhat.com/archives/fedora-devel-list/2009-August/msg00078.html )
 (etc.)

--Dmalcolm 14:40, 27 July 2009 (UTC) From a documentation point of view, is the following correct: Linux has long had per-process capabilities, allowing more fine-grained permissions for e.g. a process running as "root", but the API for using this has been awkward to use. We're adding a new user-space library to make it much easier for a process to revoke capabilities for itself and its subprocesses, and patching various network-facing daemons to make use of it. This should make it more difficult for an attacker to take full control of a system via a vulnerability in one of these daemons. (In terms of layered defences, when do capabilities happen? After regular unix permissions, but before SELinux??)

--sgrubb 16:40, 14 Aug 2009 (UTC) Updated testing section. Capabilities checks are performed in the syscall and generally before looking at any data from user space.
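Added example, not code from the feature page or from its daemon patches: a Python check for the "How to Test" verification discussed in the comments above. It decodes the CapPrm/CapEff/CapBnd lines of /proc/<pid>/status so a tester can confirm that a patched daemon still holds only the capabilities it was meant to keep (here assumed to be net_bind_service); the daemon name and the two status excerpts are constructed.

```python
from typing import Dict, List

# Bit numbers follow <linux/capability.h> (0 = CAP_CHOWN ... 40 = CAP_CHECKPOINT_RESTORE).
CAP_NAMES = ("chown dac_override dac_read_search fowner fsetid kill setgid setuid "
             "setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw "
             "ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct "
             "sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod "
             "lease audit_write audit_control setfcap mac_override mac_admin syslog "
             "wake_alarm block_suspend audit_read perfmon bpf checkpoint_restore").split()

def decode_mask(mask: int) -> List[str]:
    """Turn a CapXxx hex bitmask into the capability names it contains (unknown bits as cap_N)."""
    return [CAP_NAMES[b] if b < len(CAP_NAMES) else f"cap_{b}"
            for b in range(mask.bit_length()) if mask >> b & 1]

def parse_status(text: str) -> Dict[str, int]:
    """Extract the Cap* lines (hex values) from a /proc/<pid>/status dump."""
    sets = {}
    for line in text.splitlines():
        if line.startswith("Cap") and ":" in line:
            key, value = line.split(":", 1)
            sets[key] = int(value.strip(), 16)
    return sets

def unexpected_caps(text: str, allowed: List[str]) -> Dict[str, List[str]]:
    """Capabilities outside `allowed` still held in the permitted, effective or
    bounding set; a correctly restricted daemon yields an empty dict."""
    sets = parse_status(text)
    findings = {}
    for key in ("CapPrm", "CapEff", "CapBnd"):
        extra = [c for c in decode_mask(sets.get(key, 0)) if c not in allowed]
        if extra:
            findings[key] = extra
    return findings

def check_pid(pid: int, allowed: List[str]) -> Dict[str, List[str]]:
    """Run the same check against a live process (Linux only)."""
    with open(f"/proc/{pid}/status") as f:
        return unexpected_caps(f.read(), allowed)

# Constructed /proc/<pid>/status excerpts (not captured from a real host).
REDUCED = "Name:\tsomed\nCapInh:\t0000000000000000\nCapPrm:\t0000000000000400\n" \
          "CapEff:\t0000000000000400\nCapBnd:\t0000000000000400\n"
UNPATCHED = "Name:\tsomed\nCapInh:\t0000000000000000\nCapPrm:\t0000003fffffffff\n" \
            "CapEff:\t0000003fffffffff\nCapBnd:\t0000003fffffffff\n"

if __name__ == "__main__":
    print("patched daemon  :", unexpected_caps(REDUCED, ["net_bind_service"]))
    print("unpatched daemon:", unexpected_caps(UNPATCHED, ["net_bind_service"]))
```

An empty result for CapBnd matters as much as for CapEff: if only the effective set was cleared, a compromised daemon could still regain capabilities through a later exec of a file-capability-bearing binary.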