[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Re: [SC-L] Re: [Owasp-dotnet] RE: 4 Questions: Latest IE vulnerability, Firefox vs IE security, User vs Admin risk profile, and browsers coded in 100% Managed Verifiable code
- To: "Crispin Cowan" <crispin@xxxxxxxxxx>
- Subject: Re: [Full-disclosure] Re: [SC-L] Re: [Owasp-dotnet] RE: 4 Questions: Latest IE vulnerability, Firefox vs IE security, User vs Admin risk profile, and browsers coded in 100% Managed Verifiable code
- From: "Brian Eaton" <eaton.lists@xxxxxxxxx>
- Date: Thu, 6 Apr 2006 11:38:48 -0400
On 4/5/06, Crispin Cowan <crispin@xxxxxxxxxx> wrote:
> Pascal Meunier wrote:
> > but as you posted an example profile with "capability setuid", I must
> > admit I am curious as to why an email client needs that.
> Well now that is a very good question, but it has nothing to do with
> AppArmor. The AppArmor learning mode just records the actions that the
> application performs. With or without AppArmor, the Thunderbird mail
> client is using cap_setuid. AppArmor gives you the opportunity to *deny*
> that capability, so you can try blocking it and find out. But for
> documentation on why Thunderbird needs it, you would have to look at
> mozilla.org not the AppArmor pages.
Does cap_setuid give a program enough authority to break out of the
AppArmor profile?
Regards,
Brian
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/