[Full-disclosure] Re: [SC-L] Re: [Owasp-dotnet] RE: 4 Questions: Latest IE vulnerability, Firefox vs IE security, User vs Admin risk profile, and browsers coded in 100% Managed Verifiable code
Brian Eaton
eaton.lists at gmail.com
Thu Apr 6 16:38:48 BST 2006
On 4/5/06, Crispin Cowan <crispin at novell.com> wrote:
> Pascal Meunier wrote:
> > but as you posted an example profile with "capability setuid", I must
> > admit I am curious as to why an email client needs that.
> Well now that is a very good question, but it has nothing to do with
> AppArmor. The AppArmor learning mode just records the actions that the
> application performs. With or without AppArmor, the Thunderbird mail
> client is using cap_setuid. AppArmor gives you the opportunity to *deny*
> that capability, so you can try blocking it and find out. But for
> documentation on why Thunderbird needs it, you would have to look at
> mozilla.org not the AppArmor pages.
Does cap_setuid give a program enough authority to break out of the
AppArmor profile?
Regards,
Brian
Full-Disclosure is hosted and sponsored by Secunia.