Re: pthread_setaffinity_np() permissions / secmodel sysctl(7)s

To: Thor Lancelot Simon <tls%panix.com@localhost>
Subject: Re: pthread_setaffinity_np() permissions / secmodel sysctl(7)s
From: Jean-Yves Migeon <jeanyves.migeon%free.fr@localhost>
Date: Fri, 04 Nov 2011 11:00:23 +0100

On Fri, 04 Nov 2011 01:39:45 +0100, Jean-Yves Migeon wrote:

(CCing tech-kern)

On 03.11.2011 10:38, Jean-Yves Migeon wrote:
On Wed, 2 Nov 2011 22:36:58 -0400, Thor Lancelot Simon wrote:
On Thu, Nov 03, 2011 at 03:30:54AM +0100, Jean-Yves Migeon wrote:
Should not? I took the same logic as the one allowing usermounts.
It's a matter of policy though.
None of the security sysctls should be changeable at securelevel 1or
higher. Certainly it should not be possible to grant additional
privileges
to non-root users. Is there logic somewhere else preventing it,like
in the relevant kauth listener perhaps?
None, the checks are simply not implemented insecmodel_securelevel(9).
I'll have a look this evening.
This has to be done for each variable though depending on their use:in
usermount/usersetaffinity cases, it's reasonable to deny additional
rights to non-root users, but turning off these rights should stillbe
permitted even when securelevel is set to 1+.
I hit an interesting scenario here -- an interdependency problem
between secmodel modules.

FWIW I received a private reply from Elad with an API proposal (not yetimplemented, so I'll look into it).


--
Jean-Yves Migeon
jeanyves.migeon%free.fr@localhost

--
Jean-Yves Migeon
jeanyves.migeon%free.fr@localhost

References:
- Re: pthread_setaffinity_np() permissions / secmodel sysctl(7)s
  - From: Jean-Yves Migeon

Prev by Date: sys_pipe2() leaks file descriptors to %eax and %edx on i386
Next by Date: Re: getrusage() problems with user vs. system time reporting
Previous by Thread: Re: pthread_setaffinity_np() permissions / secmodel sysctl(7)s
Next by Thread: sys_pipe2() leaks file descriptors to %eax and %edx on i386
Indexes:

Home | Main Index | Thread Index | Old Index