tech-net archive


Re: Privilege dropping for rtadvd



On 27/06/2013 16:01, christos%astron.com@localhost wrote:
In article <20130627114300.GA20412%mx.elandsys.com@localhost>,
 <logan%elandsys.com@localhost> wrote:
Hi,

I'm not sure if people might agree with this, but I'm interested
in having a dedicated user for rtadvd after it's done acquiring
the socket.

OpenBSD already does that:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/rtadvd/rtadvd.c.diff?r1=1.35;r2=1.36

I don't see any reason why not.
I don't mind spending some time on this :)


The problem is that after you drop privs you cannot start listening
to new interfaces that might appear, but the daemon does not do
this now, right?

Sure it can, because for IPv6 we just open a single socket not bound to any specific interface.
We check for a valid interface though as we set IPV6_RECVPKTINFO on it.
Or should, I've not tested it though.

Thanks

Roy
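
The ordering discussed in this thread, as an added example that is not part of any message above and is not rtadvd's own code: open the single unbound ICMPv6 socket and set IPV6_RECVPKTINFO while still root, then drop to a dedicated account and confirm root cannot be regained. The account name `_rtadvd` and the helper names `open_ra_socket` and `drop_privs` are assumptions made for illustration.

```c
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <unistd.h>

#define RTADVD_USER "_rtadvd"   /* assumed account name, not from the thread */

/* One raw ICMPv6 socket, not bound to any interface; creating it needs root. */
int open_ra_socket(void)
{
    int on = 1;
    int s = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6);
    if (s == -1)
        return -1;
    /* Ask the kernel to report the receiving interface with each packet. */
    if (setsockopt(s, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on, sizeof(on)) == -1) {
        close(s);
        return -1;
    }
    return s;
}

/* Permanently switch to uid/gid. Returns 0 on success, -1 on any failure. */
int drop_privs(uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)
        return -1;              /* refuse: this would not drop anything */
    /* Order matters: supplementary groups, then gid, then uid last. */
    if (setgroups(1, &gid) == -1 || setgid(gid) == -1 || setuid(uid) == -1)
        return -1;
    /* Verify the drop is irreversible: regaining root must fail. */
    if (setuid(0) != -1 || getuid() != uid || geteuid() != uid)
        return -1;
    return 0;
}

int main(void)
{
    struct passwd *pw = getpwnam(RTADVD_USER);
    int s = open_ra_socket();           /* privileged step comes first */
    if (pw == NULL || s == -1 || drop_privs(pw->pw_uid, pw->pw_gid) == -1) {
        fprintf(stderr, "startup failed: need root and user %s\n", RTADVD_USER);
        return 1;
    }
    /* The recvmsg() loop on s would run here, unprivileged. */
    return 0;
}
```

Because the socket is created before the drop and is not tied to one interface, the unprivileged process keeps receiving on it without needing root again.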

