tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Privilege dropping for rtadvd

On Thu, Jun 27, 2013 at 03:01:18PM +0000, Christos Zoulas wrote:
> The problem is that after you drop privs you cannot start listening
> to new interfaces that might appear, but the daemon does not do
> this now, right?

Another alternative might be to adjust our system security policy so
that the system could be configured for a non-root user to do these
things.  This is actually pretty easy to do with kauth, but figuring
out a clean userland interface to it is harder.

The clockctl device is the obvious prior art, though.


Home | Main Index | Thread Index | Old Index