summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2008-11-11 21:48:14 +1100
committerJames Morris <jmorris@namei.org>2008-11-11 21:48:14 +1100
commit851f7ff56d9c21272f289dd85fb3f1b6cf7a6e10 (patch)
tree42c72104230d93bf785a4cdda1e1ea5895339db0 /security
parentc0b004413a46a0a5744e6d2b85220fe9d2c33d48 (diff)
downloadlinux-851f7ff56d9c21272f289dd85fb3f1b6cf7a6e10.tar.gz
linux-851f7ff56d9c21272f289dd85fb3f1b6cf7a6e10.tar.bz2
linux-851f7ff56d9c21272f289dd85fb3f1b6cf7a6e10.zip
This patch will print cap_permitted and cap_inheritable data in the PATH
records of any file that has file capabilities set. Files which do not have fcaps set will not have different PATH records. An example audit record if you run: setcap "cap_net_admin+pie" /bin/bash /bin/bash type=SYSCALL msg=audit(1225741937.363:230): arch=c000003e syscall=59 success=yes exit=0 a0=2119230 a1=210da30 a2=20ee290 a3=8 items=2 ppid=2149 pid=2923 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=3 comm="ping" exe="/bin/ping" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null) type=EXECVE msg=audit(1225741937.363:230): argc=2 a0="ping" a1="www.google.com" type=CWD msg=audit(1225741937.363:230): cwd="/root" type=PATH msg=audit(1225741937.363:230): item=0 name="/bin/ping" inode=49256 dev=fd:00 mode=0104755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ping_exec_t:s0 cap_fp=0000000000002000 cap_fi=0000000000002000 cap_fe=1 cap_fver=2 type=PATH msg=audit(1225741937.363:230): item=1 name=(null) inode=507915 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0 Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions