Capabilities and the sticky bit
Robert Watson
rwatson at FreeBSD.org
Thu Sep 7 17:48:12 GMT 2000
The capabilities draft makes no mention of the sticky bit in its
discussion of interactions between various capabilities, discretionary,
and mandatory access control policies. However, both the setuid and
setgid bits are treated differently than normal file mode bits. Given the
behavior of the sticky bit, I'm guessing that overriding of the sticky bit
is generally tied either to CAP_FOWNER or CAP_DAC_WRITE, more likely
CAP_FOWNER given that you must be the owner of the directory to remove a
file not owned by you, regardless of group permissions. I was wondering
what choices were made in other implementations?

On a similar note, FreeBSD's UFS/FFS implementation blocks the setting of
the sticky bit on any non-directories, returning EFTYPE, unless the caller
is the superuser. I believe this is deprecated behavior, and I'm tempted
simply to disable it for the super-user, but was wondering if other
implementations mapped that privilege into a capability.

Thanks,
Robert N M Watson
robert at fledge.watson.org http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services