[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] lcap, /dev/mem and CAP_SYS_RAWIO

Subject: [cobalt-security] lcap, /dev/mem and CAP_SYS_RAWIO
From: Stuart Robinson <stuart@xxxxxxxxxxxxxxxxx>
Date: Tue, 28 Aug 2001 11:11:24 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

According to the LCAP homepage <http://home.netcom.com/~spoon/lcap/> setting CAP_SYS_MODULE without setting CAP_SYS_RAWIO is of limited benefit as root can still write to /dev/mem. Setting CAP_SYS_RAWIO breaks X but does it break any software on a RAQ? I was particularly thinking of tcpdump and its kindred.

Thanks,
Stu.

Follow-Ups:
- Re: [cobalt-security] lcap, /dev/mem and CAP_SYS_RAWIO
  - From: Michael Stauber

Prev by Date: [cobalt-security] Security issue regarding Sites Backups
Next by Date: RE: [cobalt-security] RaQ2 Hacked within 1 day of being online
Previous by thread: [cobalt-security] Re: Passwords
Next by thread: Re: [cobalt-security] lcap, /dev/mem and CAP_SYS_RAWIO

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index