pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[Package Suggestion] Socker



Hi,

is there any interest in adding Socker[1] to pkgsrc?

Let me cite the webpage:
"Socker is a helper tool and library which allows giving unprivileged
processes access to privileged sockets. It is currently known to work
on FreeBSD, NetBSD and Linux systems. Socker is distributed under a
BSD license."

In other words, it allows you to run _and_ start e.g., a web server
on port 80 - or any other kind of server on a port below 1024 - 
without root-privileges whilst still limiting access to certain
user accounts without any less efficient and less safe NAT (port
redirection) tricks. Access to raw sockets can be granted as well.

"Socker uses a feature known as file descriptor passing over unix
domain sockets. Socker itself consists of two parts: A helper program
and a library.  The helper program must be installed with the
setuid-bit set for user root.  When executed, this helper program
socker checks whether the user is allowed to create a socket with the
specified parameters. If permissions are granted, socker creates and
binds a socket using given parameters. The socket is then passed back
to the caller."

Of course, it's not very useful unless programs start using it. For
what it's worth, I'm considering adding the possibility to use
the good old LD_PRELOAD trick, so that existing programs can use it
without the need of modifications  - unless they have some built-in
precautions against this.

[1] http://www.ghostwhitecrab.com/socker/

Thanks for your time,
Christian

Attachment: pgp8Pqq3_Rtew.pgp
Description: PGP signature



Home | Main Index | Thread Index | Old Index