svn commit: r341689 - in head: lib/libc/sys sys/compat/freebsd32 sys/kern sys/sys
John Baldwin
jhb at FreeBSD.org
Fri Dec 7 19:34:58 UTC 2018
On 12/7/18 10:59 AM, Conrad Meyer wrote:
> On Fri, Dec 7, 2018 at 10:05 AM John Baldwin <jhb at freebsd.org> wrote:
>> The
>> requirement for root mostly mitigates this when root vs not-root is your
>> only privilege. However, a capsicum vs non-capsicum process is a more
>> recent privilege that is orthogonal to root vs non-root. It might be that
>> allowing a capsicumized root to create links to files that were intentionally
>> unlinked by a non-capsicumized root would be the same problem.
>
> None of these syscalls were added to sys/kern/capabilities.conf, so I
> think a capsicum-contained root cannot use them anyway. Maybe I
> misunderstand how capabilities.conf works, though.
Ok.
--
John Baldwin
More information about the svn-src-head
mailing list