tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: /sbin/reboot and secmodel

On Mon, 17 Mar 2008, Matthew Mondor wrote:
There certainly are other such cases where setuid/setgid elimination
will be problematic...  It would be nice to be able to come up with a
general mechanism which could solve this situation in all similar
cases that'll come up.

Have your random app call the reboot system call, have the kernel check if that's ok, and then have the kernel signal the userland facility to initiate the shutdown: init.

Internal communication can e.g. be done via a named pipe:
prw-------   1 root     root           0 Feb 14 16:51 /etc/initpipe

(Yeah, example taken from Solaris :)

 - Hubert

Home | Main Index | Thread Index | Old Index