Re: prompt expansion and POSIX.1e capabilities

zsh-workers
 help / color / mirror / code / Atom feed

From: Zefram <zefram@fysh.org>
To: Clint Adams <schizo@debian.org>
Cc: zsh-workers@sunsite.dk, 98475-forwarded@bugs.debian.org
Subject: Re: prompt expansion and POSIX.1e capabilities
Date: Wed, 23 May 2001 23:28:51 +0100 (BST)	[thread overview]
Message-ID: <E152h7b-0007Ae-00@crucigera.fysh.org> (raw)
In-Reply-To: <20010523120514.A26393@dman.com> from Clint Adams at "May 23, 2001 12:05:14 pm"

Clint Adams wrote:
>This is not useful behavior, because (at least on my installation),
>normal users have all capabilities but cap_setpcap raised inheritable.
>This gives me a # prompt, not %, when I log in.

Curious.  At the time I added the POSIX.1e stuff -- the same time I was
working on the Linux kernel POSIX.1e project -- the Inheritable set was
constrained to always be a subset of Permitted.  Also, normal binaries,
having empty file capability sets, would lose all capabilities of their
parents on startup.

It appears that the capability rules have changed, and Inheritable is
no longer required to be a subset of Permitted.  Instead, it's a set
of latent capabilities, that a binary can acquire for real if it has a
non-empty file Inheritable set.

As I noted at the time, the rules about the different capability sets are
too complicated, and I can't tell, just from the code, what administrative
function the Inheritable set fulfills.  My best guess is that it's a
mechanism for implementing decisions about which users are permitted
to invoke which administrative programs, though a rather poor one --
difficult to justify putting into the kernel.

It appears that the best logic to implement is, as you suggest, to
generate the "#" prompt iff the Effective set is non-empty.  Another
possibility is to check both the Effective and Permitted sets; the
Permitted set is effectively `saved capabilities', with similar semantics
to saved UIDs.  However, the non-capability logic doesn't look for a saved
root UID, so I think we should not be looking for Permitted capabilities.

-zefram

next prev parent reply	other threads:[~2001-05-23 22:29 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2001-05-23 16:05 Clint Adams
2001-05-23 22:28 ` Zefram [this message]
2001-05-29 15:04   ` PATCH: " Clint Adams

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=E152h7b-0007Ae-00@crucigera.fysh.org \
    --to=zefram@fysh.org \
    --cc=98475-forwarded@bugs.debian.org \
    --cc=schizo@debian.org \
    --cc=zsh-workers@sunsite.dk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.vuxu.org/mirror/zsh/

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).