Re: /sbin/reboot and secmodel

To: Matthew Mondor <mm_lists%pulsar-zone.net@localhost>
Subject: Re: /sbin/reboot and secmodel
From: Hubert Feyrer <hubert%feyrer.de@localhost>
Date: Mon, 17 Mar 2008 21:19:52 +0100 (CET)

On Mon, 17 Mar 2008, Matthew Mondor wrote:

There certainly are other such cases where setuid/setgid elimination
will be problematic...  It would be nice to be able to come up with a
general mechanism which could solve this situation in all similar
cases that'll come up.

Have your random app call the reboot system call, have the kernel check ifthat's ok, and then have the kernel signal the userland facility toinitiate the shutdown: init.


Internal communication can e.g. be done via a named pipe:
prw-------   1 root     root           0 Feb 14 16:51 /etc/initpipe

(Yeah, example taken from Solaris :)


 - Hubert

Follow-Ups:
- Re: /sbin/reboot and secmodel
  - From: der Mouse

References:
- Re: /sbin/reboot and secmodel
  - From: Matthew Mondor

Prev by Date: Re: /sbin/reboot and secmodel
Next by Date: Re: /sbin/reboot and secmodel
Previous by Thread: Re: /sbin/reboot and secmodel
Next by Thread: Re: /sbin/reboot and secmodel
Indexes:

Home | Main Index | Thread Index | Old Index