Subject: Re: open_as vs fuid
From: Todd Vierling (tvwasabisystems.com)
Date: Sun Nov 05 2000 - 18:47:04 CST


On Sun, 5 Nov 2000, Michael Richardson wrote:

: Brett> before this thread moved here there was a proposal made to add
: Brett> another syscall to the kernel that performed the same functions as
: Brett> open but allowed the caller to pass a uid/gid pair as additional
: Brett> parameters. The idea being that setuid programs could safely
:
: I like this.

: Exactly.
: And "fuid" as I'll call it, can be implemented in either user space or
: kernel space (think Linux emulation) in terms of open_as(), but not the
: converse.
: fuid may be more secure in the face of buffer overflow attacks, etc.

Has ANYONE in this thread considered that we already have a possibly more
secure mechanism for this, that could be combined simultaneously with
authentication for use by a non-suid program?

See unix(4) and its description of passing fd's via a "cmsghdr".

-- 
-- Todd Vierling <tvwasabisystems.com>  *  http://www.wasabisystems.com/
-- Speed, stability, security, and support.  Wasabi NetBSD:  Run with it.
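
The descriptor passing that unix(4) describes, as an added example that is not part of the original message: a helper attaches an open descriptor to a message as `SCM_RIGHTS` ancillary data in a `cmsghdr`, and the receiver gets its own descriptor for the same open file without ever holding the privilege needed to open it. The names `send_fd`, `recv_fd` and `fd_passing_demo` are hypothetical, and the demo uses a socketpair and a pipe inside one process, where a real design would put the privileged helper and the unprivileged client in separate processes.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

typedef union { struct cmsghdr h; char buf[CMSG_SPACE(sizeof(int))]; } fdbuf;

/* Helper side: attach fd as ancillary data. Returns 0 on success. */
int send_fd(int sock, int fd) {
    char byte = 'F';                    /* carry one byte of ordinary data */
    struct iovec iov = { &byte, 1 };
    fdbuf u; struct msghdr msg;
    memset(&msg, 0, sizeof msg); memset(&u, 0, sizeof u);
    msg.msg_iov = &iov; msg.msg_iovlen = 1;
    msg.msg_control = u.buf; msg.msg_controllen = sizeof u.buf;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof fd);
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Client side: accept exactly one descriptor. Returns it, or -1. */
int recv_fd(int sock) {
    char byte; struct iovec iov = { &byte, 1 };
    fdbuf u; struct msghdr msg;
    memset(&msg, 0, sizeof msg);
    msg.msg_iov = &iov; msg.msg_iovlen = 1;
    msg.msg_control = u.buf; msg.msg_controllen = sizeof u.buf;
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) return -1;
    int n = (int)((c->cmsg_len - CMSG_LEN(0)) / sizeof(int)), fd = -1;
    for (int i = 0; i < n; i++) {       /* alignment padding may admit extra fds */
        int got; memcpy(&got, CMSG_DATA(c) + i * sizeof got, sizeof got);
        if (n == 1 && !(msg.msg_flags & MSG_CTRUNC)) fd = got;
        else close(got);                /* unexpected extras: do not leak them */
    }
    return fd;
}

/* Constructed demo: pass a pipe's read end across a socketpair, then read
 * through the received copy. Returns 1 if the bytes arrive intact. */
int fd_passing_demo(void) {
    int sp[2], p[2], got, ok; char buf[6] = {0};
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) || pipe(p)) return 0;
    if (send_fd(sp[0], p[0]) || (got = recv_fd(sp[1])) < 0) return 0;
    ok = got != p[0] && write(p[1], "hello", 5) == 5
         && read(got, buf, 5) == 5 && !strcmp(buf, "hello");
    close(got); close(p[0]); close(p[1]); close(sp[0]); close(sp[1]);
    return ok;
}
```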