[Apparmor-general] setuid/setgid: target user
Andreas Hasenack
andreas at mandriva.com.br
Mon Jun 18 12:54:58 MDT 2007
The traceroute program I have is SUID root:
-rwsr-xr-x 1 root bin 18K Jan 28 21:17 /usr/sbin/traceroute
but it tries to drop privileges. So, it needs the setuid/setgid
capability:
REJECTING access to capability 'setgid' (4700 profile /usr/sbin/traceroute active /usr/sbin/traceroute)
REJECTING access to capability 'setuid' (4700 profile /usr/sbin/traceroute active /usr/sbin/traceroute)
But I'm wondering: is there someway to specify that this capability can
only be used for root to become user foobar? If I just add these two
capabilities to the traceroute profile, the process would be allowed to
become any user, and not just the intended low privilege one, right?
Assuming some exploit, I mean.
More information about the Apparmor-general
mailing list