So, this is the last progress report of this year’s GSoC. That doesn’t mean that this project is done, but GSoC has come to an end.
To wrap things up, the version that will hopefully be added to the tree soon is the one that sets the caps directly in the livefs. Why? Because I still haven’t figured out a good fallback mechanism for when the livefs doesn’t support caps and the caps can’t be reapplied after the copy.
Don’t worry, I’m working on that, but it won’t be finished by Aug 16th, which is the Pencils Down Date of GSoC. So flameeyes and I decided that it would be good to see this version as a final result.
Thank you all for trying my stuff and commenting. This was the best summer of my life so far; I learned a lot and had a great time. Thanks to my mentor Diego E. “Flameeyes” Pettenò for giving me feedback and encouraging me when I wasn’t so sure I was on the right path.
As for my involvement with Gentoo, there is already a recruitment bug for me in bugzilla ;).
I’ve been following the GSoC projects via the planet-larry feed, but I’m still not 100% on what your project means for the average user.
Care to write a “what this means for you” post? :)
I enjoyed reading your updates and hope you will continue to work on this since this could mean huge security improvements!
Keep it up!
@jim
If my project is included in the tree, it would mean for you that you could use file-based caps instead of setuid with certain patched applications.
In other words: file-based caps allow you to grant certain (special) rights instead of the currently used setuid bit.
If the setuid bit is set, an application is executed with the rights of the _owner_ and not the executor (which is the normal case). If the owner is root, which is the case with most setuid apps, the executor has full root privileges with this app. That means a privilege escalation is possible if the program has flaws.
In short, with caps the potential attacker can only gain partial permissions (like permission to use a raw_socket) instead of full root.
I hope your questions are answered :).
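The difference described in this reply, as an added example that is not part of the original post or the project's code: a small audit helper that decodes the `security.capability` extended attribute Linux stores for file-based caps and compares it with a setuid-root mode. The function names are hypothetical and the sample xattr bytes are constructed; the constants are those of `<linux/capability.h>`.

```python
import os
import stat
import struct

# Constants from <linux/capability.h>
VFS_CAP_REVISION_MASK = 0xFF000000
VFS_CAP_FLAGS_EFFECTIVE = 0x000001
REVISION_U32S = {0x01000000: 1, 0x02000000: 2, 0x03000000: 2}  # revision -> words per set
CAP_NAMES = {0: "cap_chown", 7: "cap_setuid", 10: "cap_net_bind_service",
             12: "cap_net_admin", 13: "cap_net_raw", 21: "cap_sys_admin"}  # subset only

# Constructed sample: xattr value for "cap_net_raw+ep" (revision 2, effective flag set)
SAMPLE_XATTR = bytes.fromhex("01000002" "00200000" "00000000" "00000000" "00000000")

def _names(mask):
    return sorted(CAP_NAMES.get(b, f"cap_{b}") for b in range(64) if mask >> b & 1)

def decode_file_caps(xattr):
    """Decode a security.capability xattr value (hypothetical helper)."""
    if len(xattr) < 4:
        raise ValueError("truncated capability xattr")
    (magic,) = struct.unpack_from("<I", xattr, 0)
    words = REVISION_U32S.get(magic & VFS_CAP_REVISION_MASK)
    if words is None or len(xattr) < 4 + 8 * words:
        raise ValueError("unknown revision or truncated capability xattr")
    permitted = inheritable = 0
    for i in range(words):  # each pair is (permitted, inheritable), little-endian
        p, inh = struct.unpack_from("<II", xattr, 4 + 8 * i)
        permitted |= p << (32 * i)
        inheritable |= inh << (32 * i)
    return {"effective": bool(magic & VFS_CAP_FLAGS_EFFECTIVE),
            "permitted": _names(permitted), "inheritable": _names(inheritable)}

def privilege_summary(mode, owner_uid, xattr):
    """Say what executing this binary grants (hypothetical helper)."""
    if mode & stat.S_ISUID and owner_uid == 0:
        return "setuid root: runs as UID 0"  # flagged first: effective UID is the owner's
    if xattr:
        return "file caps: " + ",".join(decode_file_caps(xattr)["permitted"])
    return "no extra privileges"

def inspect(path):
    """Summarise a real file on Linux; a missing xattr means no file caps."""
    st = os.stat(path)
    try:
        xattr = os.getxattr(path, "security.capability")
    except OSError:
        xattr = None
    return privilege_summary(st.st_mode, st.st_uid, xattr)
```

Running `inspect()` over the setuid binaries on a system shows which ones still run as UID 0 and which have been reduced to a named capability set.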