On 06/11/2017 07:30 AM, Mickaël Salaün wrote:
On 08/06/2017 21:01, Matt Brown wrote:
On 6/8/17 2:37 PM, Alan Cox wrote:
http://phrack.org/issues/52/6.html#article
| A trusted path is one that is inside a root owned directory that
| is not group or world writable. /bin, /usr/bin, /usr/local/b
On 08/06/2017 21:01, Matt Brown wrote:
> On 6/8/17 2:37 PM, Alan Cox wrote:
>>> http://phrack.org/issues/52/6.html#article
>>>
>>> | A trusted path is one that is inside a root owned directory that
>>> | is not group or world writable. /bin, /usr/bin, /usr/local/bin, are
>>> | (under normal circu
> So actually in this LSM it's not so much full paths that are trusted,
> rather it checks that the directory containing the program is only
> writable by root and that the program itself is only writable by root.
>
> For example, consider the following:
>
> /user/ with permissions drwxr-xr-x use
On 6/8/17 2:37 PM, Alan Cox wrote:
>> http://phrack.org/issues/52/6.html#article
>>
>> | A trusted path is one that is inside a root owned directory that
>> | is not group or world writable. /bin, /usr/bin, /usr/local/bin, are
>> | (under normal circumstances) considered trusted. Any non-root
>>
> http://phrack.org/issues/52/6.html#article
>
> | A trusted path is one that is inside a root owned directory that
> | is not group or world writable. /bin, /usr/bin, /usr/local/bin, are
> | (under normal circumstances) considered trusted. Any non-root
> | users home directory is not trusted, n
Trusted Path Execution (TPE)
Patch Versions:
v1:
* initial patch introduction
v2:
* included copyright notice from Brad Spengler and Corey Henderson
* reversed the invert_gid logic. tpe.gid now defaults to being the
trusted group rather than the untrusted group.
* fixed race condition by takin
6 matches