|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: open_as vs fuid
From: Andrew Brown (atatat
atatdot.net)Date: Sun Nov 05 2000 - 23:06:06 CST
- Next message: Brett Lymn: "Re: open_as vs fuid"
- Previous message: Brett Lymn: "Re: open_as vs fuid"
- In reply to: matthew green: "re: open_as vs fuid"
- Next in thread: Michael Richardson: "Re: open_as vs fuid"
- Next in thread: Thor Lancelot Simon: "Re: $HOSTALIASES thing."
- Reply: Andrew Brown: "Re: open_as vs fuid"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Has ANYONE in this thread considered that we already have a possibly more
> secure mechanism for this, that could be combined simultaneously with
> authentication for use by a non-suid program?
>
> See unix(4) and its description of passing fd's via a "cmsghdr".
>
>how does this fix ping & traceroute as they currently stand?
they could be changed to do this:
int
main(int argc, char *argv[])
{
/* various declarations */
int p[2];
pipe(p);
switch (fork()) {
case -1: err(1, "fork");
case 0: close(p[1]); suid_function(); exit(0);
default: close(p[0]); setuid(getuid()); break;
}
...
and then it could repeatedly ask for the sockets that it needs,
without you having to audit anything except suid_function().
-- |-----< "CODE WARRIOR" >-----| codewarrior
- Next message: Brett Lymn: "Re: open_as vs fuid"
- Previous message: Brett Lymn: "Re: open_as vs fuid"
- In reply to: matthew green: "re: open_as vs fuid"
- Next in thread: Michael Richardson: "Re: open_as vs fuid"
- Next in thread: Thor Lancelot Simon: "Re: $HOSTALIASES thing."
- Reply: Andrew Brown: "Re: open_as vs fuid"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]