[PlanetCCRMA] kernel: setpcap
Fernando Pablo Lopez-Lezcano
nando@ccrma.Stanford.EDU
Tue May 6 09:46:01 2003
> After much trying, I finally managed to compile my very own, working and
> bootable low-latency, preemptible kernel.
>
> I was more or less following Fernando's page system.html on the
> planet-ccrma site.
>
> Now here's my current problem of the hour. In the page, Fernando says he
> uses the 'capabilities' patch, which allows programs launched by the
> user to run as root.
>
> In any case, I scoured the net and couldn't find said patch. Does anyone
> know where to get it, or its actual complete name?
This is the patch:
=== CUT HERE ===
--- linux/include/linux/capability.h~ Thu Nov 22 11:46:19 2001
+++ linux/include/linux/capability.h Fri Mar 15 15:16:20 2002
@@ -303,8 +303,8 @@
#define CAP_EMPTY_SET to_cap_t(0)
#define CAP_FULL_SET to_cap_t(~0)
-#define CAP_INIT_EFF_SET to_cap_t(~0 & ~CAP_TO_MASK(CAP_SETPCAP))
-#define CAP_INIT_INH_SET to_cap_t(0)
+#define CAP_INIT_EFF_SET to_cap_t(~0)
+#define CAP_INIT_INH_SET to_cap_t(~0)
#define CAP_TO_MASK(x) (1 << (x))
#define cap_raise(c, flag) (cap_t(c) |= CAP_TO_MASK(flag))
=== CUT HERE ===
See this for more info:
http://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.2/capfaq-0.2.txt
-- Fernando