tech-kern archive


Re: /sbin/reboot and secmodel



>> Traditional set-ID bits solve this as a side effect of the "you
>> can't kill(2) processes that aren't yours" restriction; I'm not sure
>> what should replace that.
> Perhaps I am missing something, but looking at [restrictions on
> kill(2)]

> So, for example, I don't see how a setgid program would be protected
> against taking a signal if the same user is running it and sending
> the signal.

!!

> Testing this, I [find it works as it appears to]

(a) I'm..rather surprised by this.  Thanks for the reality check.

(b) The whole discussion is a tempest in a teapot, since the risk we've
been worrying about has been there all along and the world hasn't caved
in, so I see nothing wrong with leaving it there at least for now.

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               mouse%rodents.montreal.qc.ca@localhost
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

