Subject: Re: changes to routing socket semantics
To: Angelos D. Keromytis <angelos@aurora.cis.upenn.edu>
From: Jason Thorpe <thorpej@nas.nasa.gov>
List: tech-security
Date: 02/22/1997 12:16:06
On Sat, 22 Feb 1997 15:03:15 +0000 
 "Angelos D. Keromytis" <angelos@AURORA.CIS.UPENN.EDU> wrote:

 > Yes; however you can "penalize" them - if they don't use kernfs, they
 > have to have suid/sgid programs.

I think that's broken, though.  I'd like to eliminate as many
setuid/setgid programs as is feasible.  If we can make trivial changes
to the kernel to have all privilege requirements enforced there, I think
that's a good thing.

Plus, then what do you do if you happen to boot a new kernel with kernfs?
You have a bunch of setuid programs sitting around that don't need the
setuid bit...

The only way to have a standard binary distribution in this case is to
enforce privilege requirements in the kernel.

Jason R. Thorpe                                       thorpej@nas.nasa.gov
NASA Ames Research Center                               Home: 408.866.1912
NAS: M/S 258-6                                          Work: 415.604.0935
Moffett Field, CA 94035                                Pager: 415.428.6939