POSIX.2c getpcap utility
Casey Schaufler
casey at sgi.com
Tue Mar 6 13:51:51 GMT 2001
Thomas Moestl wrote:
> The getpcap utility writes to standard output the textual
> representation of the capability state of the invoking process
> in the text form specified in 9.1.
>
> This cannot be implemented, because each process only knows its
> own capability state (using the POSIX.1e cap_get_proc()) and anyway,
> the capability state of the invoking process is lost on exec().
Yes. You have discovered the Third of the Seven Unholy Secrets
of the POSIX 1003.1e/2c specification. There is no way that a
process can get the information required using cap_get_proc()
if the exec rules are properly enforced. Don't be discouraged,
there are several ways to do it anyway:
1. Improperly implement the exec() rules. This has been
discussed a bit here. On some systems a program with no
capability set is not treated like a file with 'all=', rather
capabilities are passed through.
2. cap_get_file("/proc/<ppid>", ...) where the implementation
supplies the capability set via the /proc entry. This is my
personal favorite.
3. Give getpcap all inheritable and permitted capabilities.
Have the program look at what it ends up with, compare with
the user's /etc/capability entry, and roll 3d8. I've seen
this done, and it's uuuuuuuuugly.
--
Casey Schaufler Manager, Trust Technology, SGI
casey at sgi.com voice: 650.933.1634
casey_p at pager.sgi.com Pager: 888.220.0607
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list