Subject: Re: changes to routing socket semantics
To: Angelos D. Keromytis <firstname.lastname@example.org>
From: Jason Thorpe <email@example.com>
Date: 02/22/1997 12:16:06
On Sat, 22 Feb 1997 15:03:15 +0000
"Angelos D. Keromytis" <angelos@AURORA.CIS.UPENN.EDU> wrote:
> Yes; however you can "penalize" them - if they don't use kernfs, they
> have to have suid/sgid programs.
I think that's broken, though. I'd like to eliminate as many
setuid/setgid programs as is feasible. If we can make trivial changes
to the kernel to have all priviledge requirements enforced there, I think
that's a good thing.
Plus, then what do you do if you happen to boot a new kernel with kernfs?
You have a bunch of setuid programs sitting around that don't need the
The only way to have a standard binary distribution in this case is to
enforce priviledge requirements in the kernel.
Jason R. Thorpe firstname.lastname@example.org
NASA Ames Research Center Home: 408.866.1912
NAS: M/S 258-6 Work: 415.604.0935
Moffett Field, CA 94035 Pager: 415.428.6939