-----BEGIN PGP SIGNED MESSAGE-----


In message <199702221552.HAA09612@stilton.cisco.com>, David Carrel writes:
>> Just a heads up... I just committed a change to the routing socket code
>> that allow non-superuser to open, listen, and perform RTM_GET.  This
>> is sufficient to allow normal use of /sbin/route, and have permissions of
>> all routing table changes enforced in the kernel.  /sbin/route is no
>> longer setuid-root.
>
>Thank you!  I have really hated dealing with route being setuid and
>enforcing permissions based on real user id.  I'd like to propose some
>further changes.

I've always believed that a solid kernfs interface would solve this
kind of problem (suid needed just to read a few things).
- -Angelos

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAwUBMw8WTb0pBjh2h1kFAQHBnQP/eHBKD+2Uhq5sICdmEFEmKIyonYKQHOi5
+soKKXlRxnhFjMyjQIUWni9ZE0iUwbfCmB15kHrTnkxkdVvuq9tBtGBDhpBTL+Ho
gvehEBRu+Zk3hBVpnw7mWOJZBsm5XTKzATf34PtTO53kb0gScDG/wMaR4KZcvN+x
zTxI3uguX9M=
=k3bl
-----END PGP SIGNATURE-----