On Thu, Oct 28, 2010 at 11:14:08AM +0300, Pekka Pietikainen wrote:
On Thu, Oct 28, 2010 at 12:44:52PM +0530, Rahul Sundaram wrote:
> This feature is now approved and I see bugs get filed. The documentation and
> guidelines are very incomplete. How does one figure out which file
> capabilities are needed by the programs I maintain that currently use setuid?
> Help, please.
Probably: remove setuid bit, run, see what breaks. strace may be useful
Don't do that. You have to *always* read the application source code to verify
that the change is safe. You have to verify all relevant shared libraries too.
[pp@the ~]$ strace ./rsh localhost 2>&1|grep EACCES
bind(3, {sa_family=AF_INET6, sin6_port=htons(1023), inet_pton(AF_INET6,
"::", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = -1 EACCES
(Permission denied)
-> needs CAP_NET_BIND_SERVICE. It didn't seem to output any error to the
user, so the lacking permissions may be well-hidden.
That's completely wrong and dangerous point of view...
Karel
--
Karel Zak <kzak(a)redhat.com>
http://karelzak.blogspot.com