tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: suenv



On Tue, 23 Oct 2012, Emmanuel Dreyfus wrote:

snip>
In that situation, and perhaps in others, it would be nice if the
administrator could configure a trusted environement for setUID
binaries. We would need a way to feed a colon-separated list of
environement variables (example:
LD_PRELOAD=/usr/lib/libpthread.so:FOO=bar). I see two way of dealing
with it:
1) lookup in /etc/suenv.d/$progname (probably libc based)
2) use sysctl security.suenv.$progname (kernel based)

I like the second one, which is simple to implement and cannot be messed
up with incorrect file permissions. I would fix my problem like this:
sysctl -w security.suenv.su=LD_PRELOAD=/usr/lib/libpthread.so
sysctl -w security.suenv.login=LD_PRELOAD=/usr/lib/libpthread.so

Opinions?

This would require that the entire set of programs be known in advance, in order to create the sysctl(9) nodes. As far as I can tell, usermode code has no mechanism to create new nodes for other suid binaries that you might want to add.



-------------------------------------------------------------------------
| Paul Goyette     | PGP Key fingerprint:     | E-mail addresses:       |
| Customer Service | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com    |
| Network Engineer | 0786 F758 55DE 53BA 7731 | pgoyette at juniper.net |
| Kernel Developer |                          | pgoyette at netbsd.org  |
-------------------------------------------------------------------------


Home | Main Index | Thread Index | Old Index