Re: Privilege dropping for rtadvd

To: Christos Zoulas <christos%astron.com@localhost>
Subject: Re: Privilege dropping for rtadvd
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Thu, 27 Jun 2013 13:20:08 -0400

On Thu, Jun 27, 2013 at 03:01:18PM +0000, Christos Zoulas wrote:
> 
> The problem is that after you drop privs you cannot start listening
> to new interfaces that might appear, but the daemon does not do
> this now, right?

Another alternative might be to adjust our system security policy so
that the system could be configured for a non-root user to do these
things.  This is actually pretty easy to do with kauth, but figuring
out a clean userland interface to it is harder.

The clockctl device is the obvious prior art, though.

Thor

Follow-Ups:
- Re: Privilege dropping for rtadvd
  - From: Christos Zoulas
- Re: Privilege dropping for rtadvd
  - From: logan

References:
- Privilege dropping for rtadvd
  - From: logan
- Re: Privilege dropping for rtadvd
  - From: Christos Zoulas

Prev by Date: Re: Privilege dropping for rtadvd
Next by Date: Re: Privilege dropping for rtadvd
Previous by Thread: Re: Privilege dropping for rtadvd
Next by Thread: Re: Privilege dropping for rtadvd
Indexes:

Home | Main Index | Thread Index | Old Index