Wednesday, January 12, 2011

Are the Linux capabilities adding more security?

Many Linux distributions are moving towards Capabilities in order to get rid of SUID/SGID binaries.  Yes, it sounds nice because it splits the powers into smaller privileges and also adds a high level of granularity.

In practice, it depends how the capabilities are implemented and what privilege gives each capability, because there are cases where the program ends up with insane privileges. Of course, this can cause some troubles  and we will see many problems (exploits?) in the future.

The following article explains some of the cases discussed during the past weeks, that led to local root privilege escalation. They point to the following exploit released in the Full disclosure mailing list and also the post sent by Spender to the Grsecurity Forum, that is a good reading.

No comments:

Post a Comment