svn commit: r341689 - in head: lib/libc/sys sys/compat/freebsd32 sys/kern sys/sys
Conrad Meyer
cem at freebsd.org
Fri Dec 7 19:00:18 UTC 2018
On Fri, Dec 7, 2018 at 10:05 AM John Baldwin <jhb at freebsd.org> wrote:
> The
> requirement for root mostly mitigates this when root vs not-root is your
> only privilege. However, a capsicum vs non-capsicum process is a more
> recent privilege that is orthogonal to root vs non-root. It might be that
> allowing a capsicumized root to create links to files that were intentionally
> unlinked by a non-capsicumized root would be the same problem.
None of these syscalls were added to sys/kern/capabilities.conf, so I
think a capsicum-contained root cannot use them anyway. Maybe I
misunderstand how capabilities.conf works, though.
Best,
Conrad