NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: pthread_setaffinity_np() permissions / secmodel sysctl(7)s



On Fri, 04 Nov 2011 01:39:45 +0100, Jean-Yves Migeon wrote:
(CCing tech-kern)

On 03.11.2011 10:38, Jean-Yves Migeon wrote:
On Wed, 2 Nov 2011 22:36:58 -0400, Thor Lancelot Simon wrote:
On Thu, Nov 03, 2011 at 03:30:54AM +0100, Jean-Yves Migeon wrote:
Should not? I took the same logic as the one allowing usermounts.
It's a matter of policy though.

None of the security sysctls should be changeable at securelevel 1 or
higher. Certainly it should not be possible to grant additional
privileges
to non-root users. Is there logic somewhere else preventing it, like
in the relevant kauth listener perhaps?

None, the checks are simply not implemented in secmodel_securelevel(9).
I'll have a look this evening.

This has to be done for each variable though depending on their use: in
usermount/usersetaffinity cases, it's reasonable to deny additional
rights to non-root users, but turning off these rights should still be
permitted even when securelevel is set to 1+.

I hit an interesting scenario here -- an interdependency problem
between secmodel modules.

FWIW I received a private reply from Elad with an API proposal (not yet implemented, so I'll look into it).

--
Jean-Yves Migeon
jeanyves.migeon%free.fr@localhost

--
Jean-Yves Migeon
jeanyves.migeon%free.fr@localhost


Home | Main Index | Thread Index | Old Index