Subject: Re: $HOSTALIASES thing.
To: Thor Lancelot Simon <tls@mail.netbsd.org>
From: Simon Gerraty <sjg@juniper.net>
List: tech-kern
Date: 11/03/2000 15:42:03
On Fri, 03 Nov 2000 10:58:41 PST, Thor Lancelot Simon wrote:
>A nice mechanism is to have programs that used to be setuid become setgid;
>they can then exec tiny setuid programs that are executable only by the
>appropriate group, which can then pass them back the descriptors they need.
>This technique is simple, elegant, and has the benefit that it completely
>isolates all code that runs with root privileges, so it's much easier to
>verify.
Yep. I've used a simple set-uid tool which does binding of reserved
sockets this way. An ftp proxy for instance calls bind_port() which
does the binding directly if possible, otherwise invokes the set-uid
tool to do it. The library call and tool are both compiled from the
same .c file - so its easy to be sure they do things the same way.
>Note that I've moved this discussion to tech-security/tech-kern as it
>seems more appropriate there.
My subscriptions to thos lists are still directed at a machine which
is down (has been for months) so pls cc me if you want response.
--sjg