[Dnsmasq-discuss] dnsmasq runs as root if setcap() fails

Simon Kelley simon at thekelleys.org.uk
Thu Jun 19 11:51:20 BST 2008


Uwe Gansert wrote:
> Hi,
> 
> our security team did a review of the dnsmasq package in openSUSE. 
> This bug: https://bugzilla.novell.com/show_bug.cgi?id=401650 is maybe
> worth a discussion here.
Hmm, can't get at that without a login, are there any other interesting
conclusions about dnsmasq security from the review?
> 
> Quote: dnsmasq runs as root if the call to setcap() fails. For
> security reasons it would be better to quit in this case. If the
> system intentionally lacks capability support in the kernel the admin
> can explicity configure dnsmasqd to run as root via dnsmasqd.conf.
> This issue is not distro specific IMHO and probably worth reporting
> upstream.
> 
> 
> 
I'd be interested in opinions on this. Clearly, I think the current
behaviour is good, since I coded it that way, but I'm willing to be
persuaded otherwise. It's worth noting that in that in these
circumstances (ie lack of suitable capability support) dnsmasq logs very
explicit warning:

dnsmasq: warning: setting capabilities failed: <error>
dnsmasq: running as root.


Cheers,

Simon.




More information about the Dnsmasq-discuss mailing list