We have users who are terribly confused why their binaries
with CAP_DAC_OVERRIDE capability see EACCESS from access() calls,
but are able to read the file.
The reason is access() isn't the "can I read/write/execute this
file?" question, it is the "(assuming that I'm a setuid binary,)
can *the user who invoked me* read/write/execute this file?"
question.
That's why it uses real UIDs as documented, and why it ignores
capabilities when capability-endorsed binaries are run by non-root
(this patch adds this information).
To make users more likely to notice this less-known detail,
the patch expands the explanation with rationale for this logic
into a separate paragraph.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
CC: linux-man@vger.kernel.org
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
from https://bugzilla.redhat.com/show_bug.cgi?id=1110401.
unix.7 is not clear about socket type of ioctl_type argument of
ioctl() function. The description of SIOCINQ is applicable only
for SOCK_STREAM socket. For SOCK_DGRAM, udp(7) man page gives
correct description of SIOCINQ
Signed-off-by: Jan Chaloupka <jchaloup@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
I am not sure why we have:
"EAGAIN fork() cannot allocate sufficient memory to copy
the parent's page tables and allocate a task structure
or the child."
The text seems to be there from the time when man-pages
were moved to git so there is no history for it.
And it doesn't reflect reality: the kernel reports both
dup_task_struct and dup_mm failures as ENOMEM to the
userspace. This seems to be the case from early 2.x times
so let's simply remove this part.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Heavily based on Stephen Smalley's text in
https://lwn.net/Articles/28222/
From: Stephen Smalley <sds@epoch.ncsc.mil>
To: LKML and others
Subject: [RFC][PATCH] Process Attribute API for Security Modules
Date: 08 Apr 2003 16:17:52 -0400
Cowritten-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This might however change in the future; see the Jan 2015 LKML thread:
Re: [RFC][PATCH v2] procfs: Always expose /proc/<pid>/map_files/
and make it readable
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Verified by experiment on Linux 3.15 and 3.19rc4.
Acked-by: Jeff Layton <jlayton@poochiereds.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
And note that /proc/sys/fs/suid_dumpable defines the
value assigned to the process "dumpable" flag in certain
circumstances.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Let's assume Michael's email address did not change.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Fix tzset.3 regression, dst is optional.
$ date
Sun Feb 1 15:14:33 EST 2015
$ TZ=NZST-12 date
Mon Feb 2 08:14:38 NZST 2015
$ TZ=EST5 date
Sun Feb 1 15:15:02 EST 2015
Signed-off-by: J William Piggott <elseifthen@gmx.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>