tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

re: Addition to kauth(9) framework



>> > In article <20110829003259.913F014A289%mail.netbsd.org@localhost>,
>> > YAMAMOTO Takashi <yamt%mwd.biglobe.ne.jp@localhost> wrote:
>> >>hi,
>> >>
>> >>> I'd like to apply the attached patch.
>> >>> It implements two things:
>> >>> 
>> >>> - chroot(2)-ed process is given new kauth_cred_t with reference count
>> >>>   equal to 1.
>> >>
>> >>can you find a way to avoid this?
>> >>
>> >>YAMAMOTO Takashi
>> > 
>> > He tried and I think that this is the minimal hook he needs.
>> 
>> do you mean that we need to unshare the credential unconditionally,
>> regardless his module is used or not?  why?
> 
> maybe it's just me, but i actually have absolutely no problem
> with chroot unsharing kauth_cred_t by default.  it just seems
> to have more generic safety aspects.

if you want safety for bugs, it's better to make modification attempts
(eg. kauth_cred_setuid) automatically unshare the cred.  iirc it's
what apple does.

YAMAMOTO Takashi

> 
> 
> .mrg.


Home | Main Index | Thread Index | Old Index