DragonFly kernel List (threaded) for 2008-06
DragonFly BSD
DragonFly kernel List (threaded) for 2008-06
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: GSoC 2008 dma enhancements


From: "Steve O'Hara-Smith" <steve@xxxxxxxxxx>
Date: Tue, 3 Jun 2008 11:58:53 +0100

On Tue, 3 Jun 2008 00:27:10 +0200
"Max Lindner" <gisanka@googlemail.com> wrote:

> In order to read a users .forward file, the dma-process must be run as
> root, so it must be set setuid root. This would solve the problem
> which I read at the mailinglist the last week, where it was not
> possible to write a mail from non-root to non-root ootb.

	There was an earlier thread (subject line: "dma user config" around
early February) in which Matt was advocating using a daemon started by root
(rather than setuid) which takes care of the local delivery by forking and
switching to the recipient user. The main point being that a setuid process
is a mechanism by which privileges are increased in an environment
under control of the user while a root started process is one that reduces
privileges and is in an environment which can only be controlled by root.

-- 
C:>WIN                                      |   Directable Mirror Arrays
The computer obeys and wins.                | A better way to focus the sun
You lose and Bill collects.                 |    licences available see
                                            |    http://www.sohara.org/



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]