lock_pool drops capabilities even when running as root
Werner Koch
wk at gnupg.org
Thu Dec 4 09:13:54 CET 2014
On Wed, 3 Dec 2014 18:57, mac at mcrowe.com said:
> We upgraded libgcrypt so we could use
> gcry_control(GCRYCTL_DISABLE_PRIV_DROP) but this did not help (for reasons
> that were obvious once I looked more closely.)
That was the idea. It seems it has not been tested with capabilities.
What do you think of this patch to make GCRYCTL_DISABLE_PRIV_DROP work
as expected:
diff --git a/src/secmem.c b/src/secmem.c
index cfea921..4db80a8 100644
--- a/src/secmem.c
+++ b/src/secmem.c
@@ -245,15 +245,21 @@ lock_pool (void *p, size_t n)
{
cap_t cap;
- cap = cap_from_text ("cap_ipc_lock+ep");
- cap_set_proc (cap);
- cap_free (cap);
+ if (!no_priv_drop)
+ {
+ cap = cap_from_text ("cap_ipc_lock+ep");
+ cap_set_proc (cap);
+ cap_free (cap);
+ }
err = no_mlock? 0 : mlock (p, n);
if (err && errno)
err = errno;
- cap = cap_from_text ("cap_ipc_lock+p");
- cap_set_proc (cap);
- cap_free(cap);
+ if (!no_priv_drop)
+ {
+ cap = cap_from_text ("cap_ipc_lock+p");
+ cap_set_proc (cap);
+ cap_free(cap);
+ }
}
if (err)
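Review bot: In both new `if (!no_priv_drop)` blocks the results of `cap_from_text` and `cap_set_proc` are still ignored, so a failed capability change is never reported. `cap_from_text` can return NULL and `cap_set_proc` can return -1. If the first block fails, the only symptom is whatever `mlock` returns. If the second block fails, `cap_ipc_lock` silently stays in the effective set. Since these lines are being moved anyway, consider checking both calls and setting `err` from `errno` on failure. It would also help to add a comment above the first guard, and a line in the GCRYCTL_DISABLE_PRIV_DROP documentation, saying that the flag now leaves the process capability set untouched in `lock_pool`, so the caller must already hold whatever `mlock` needs. Minor style point: the moved `cap_free(cap);` in the second block lacks the space before the parenthesis that the first block's `cap_free (cap);` has.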
Salam-Shalom,
Werner
--
Thoughts are free. Exceptions are regulated by a federal law.