DragonFly kernel List (threaded) for 2008-06
DragonFly BSD

Re: GSoC 2008 dma enhancements

From: "Simon 'corecode' Schubert" <corecode@xxxxxxxxxxxx>
Date: Tue, 03 Jun 2008 13:16:35 +0200

Steve O'Hara-Smith wrote:
> On Tue, 3 Jun 2008 00:27:10 +0200
> "Max Lindner" <gisanka@googlemail.com> wrote:
>
>> In order to read a user's .forward file, the dma-process must be run as
>> root, so it must be set setuid root. This would solve the problem
>> which I read on the mailing list last week, where it was not
>> possible to write a mail from non-root to non-root ootb.
>
> There was an earlier thread (subject line: "dma user config" around
> early February) in which Matt was advocating using a daemon started by
> root (rather than setuid) which takes care of the local delivery by
> forking and switching to the recipient user. The main point being that
> a setuid process is a mechanism by which privileges are increased in an
> environment under control of the user while a root started process is
> one that reduces privileges and is in an environment which can only be
> controlled by root.

To add my ¢2, my original design tried to avoid a daemon process, and I still believe this is the right way. I'd like to see a setuid binary. This has to be coded *very* carefully though. I'd do something like fork instantly in main, drop privileges in the parent, have the child listen on a pipe. Do all processing in the parent, request some open files from the parent, which then get passed through the pipe (I seem to remember that it is possible to pass fds, I think I read it in APUE).


Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low €€€ NOW!1  +++      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \
