Subject: Re: open_as vs fuid
To: Michael Richardson <firstname.lastname@example.org>
From: Todd Vierling <email@example.com>
Date: 11/05/2000 19:47:04
On Sun, 5 Nov 2000, Michael Richardson wrote:
: Brett> before this thread moved here there was a proposal made to add
: Brett> another syscall to the kernel that performed the same functions as
: Brett> open but allowed the caller to pass a uid/gid pair as additional
: Brett> parameters. The idea being that setuid programs could safely
: I like this.
: And "fuid" as I'll call it, can be implemented in either user space or
: kernel space (think Linux emulation) in terms of open_as(), but not the
: fuid may be more secure in the face of buffer overflow attacks, etc.
Has ANYONE in this thread considered that we already have a possibly more
secure mechanism for this, that could be combined simultaneously with
authentication for use by a non-suid program?
See unix(4) and its description of passing fd's via a "cmsghdr".
-- Todd Vierling <firstname.lastname@example.org> * http://www.wasabisystems.com/
-- Speed, stability, security, and support. Wasabi NetBSD: Run with it.