Subject: Re: open_as vs fuid
To: Michael Richardson <>
From: Todd Vierling <>
List: tech-kern
Date: 11/05/2000 19:47:04
On Sun, 5 Nov 2000, Michael Richardson wrote:

:     Brett> before this thread moved here there was a proposal made to add
:     Brett> another syscall to the kernel that performed the same functions as
:     Brett> open but allowed the caller to pass a uid/gid pair as additional
:     Brett> parameters.  The idea being that setuid programs could safely
:   I like this.

:   Exactly.
:   And "fuid" as I'll call it, can be implemented in either user space or
: kernel space (think Linux emulation) in terms of open_as(), but not the
: converse.
:   fuid may be more secure in the face of buffer overflow attacks, etc.

Has ANYONE in this thread considered that we already have a possibly more
secure mechanism for this, that could be combined simultaneously with
authentication for use by a non-suid program?

See unix(4) and its description of passing fd's via a "cmsghdr".

-- Todd Vierling <>  *
-- Speed, stability, security, and support.  Wasabi NetBSD:  Run with it.