[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#323341: marked as done (lcap: Produces wrong output when CAP_SYS_MODULE is removed)

Your message dated Sat, 12 Apr 2008 10:51:36 +1000
with message-id <20080412005136.GU4719@debianrules.debiancolombia.org>
and subject line lcap 0.0.6-4
has caused the Debian Bug report #323341,
regarding lcap: Produces wrong output when CAP_SYS_MODULE is removed
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org

323341: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323341
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: lcap
Version: 0.0.6-3
Severity: important


Removing capabilities with lcap on a 2.6.11 kernel without capability.ko
module loaded does not produce any warning or error. In fact, it erroneously
indicates that the capability was successfully removed, creating a false
impression of security.

Another oddity (possibly related) occurs when capability.ko is loaded and
CAP_SYS_MODULE is then removed (again, on 2.6.11). In that case _all_ the
capabilities are removed, contrary to the expectation. Removing other
capabilities appears to work as expected.

Best regards,

Jurij Smakov                                        jurij@wooyd.org
Key: http://www.wooyd.org/pgpkey/                   KeyID: C99E03CC

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages lcap depends on:
ii  libc6                       2.3.2.ds1-22 GNU C Library: Shared libraries an

-- no debconf information

--- End Message ---
--- Begin Message ---
Version: 0.0.6-4

Hash: SHA1

Format: 1.7
Date: Wed, 09 Apr 2008 00:20:29 -0400
Source: lcap
Binary: lcap
Architecture: source mips
Version: 0.0.6-4
Distribution: unstable
Urgency: low
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Barry deFreese <bddebian@comcast.net>
 lcap       - Removes 'capabilities' in the kernel, making the system more secu
 lcap (0.0.6-4) unstable; urgency=low
   * QA upload.
     + Set maintainer to Debian QA Group <packages@qa.debian.org>.
   * Acknowledge NMUs.
   * Make clean not ignore errors.
   * Convert debian/copyright to UTF-8.
   * Fix capitalization typo in manpage section.
   * Bump debhelper build-dep and compat to 5.
   * Bump Standards Version to 3.7.3. (No changes needed).
 f42a9430ee9af078907133402c6d7a5a 551 admin optional lcap_0.0.6-4.dsc
 5b3888607fa3a40f2a7831e187e09d80 3405 admin optional lcap_0.0.6-4.diff.gz
 7aadc2229995b0961bd4a25b42720d69 10916 admin optional lcap_0.0.6-4_mips.deb

Version: GnuPG v1.4.6 (GNU/Linux)


--- End Message ---

Reply to: