A few quick searches on Google turned up some rather interesting kernel patches...

sockfs: http://users.ox.ac.uk/~mbeattie/linux-kernel.html
I'm not quite sure what to make of this. Very interesting, but I can't imagine having 1024 numbers/socket representations in a directory is the best way to configure something.

GID split privilege patch: http://the.wiretapped.net/security/info/textfiles/phrack/phrack52.txt
Not as granular; apparently, the gids are hardcoded, so setgid binaries are needed.

On Wed, May 02, 2001 at 01:17:17AM +0000, Ken Seefried wrote:
>
> Forgive my off & on following of this thread; this may have been mentioned.
>
> Wasn't there a kernel patch at one point detailed in Phrack or some such
> that bound the opening of certain privileged ports to membership in certain
> groups? That is, if you belonged to group id 20 (say), you could open port
> 80 (say). This allowed otherwise SUID 0 programs to be run as non-priv
> users. I want to say that Solar Designer came up with it, but I can't seem
> to find the reference to it (in a cursory search).
>
> Seemed reasonable at the time, although certainly not as elegant as full
> privs (which didn't exist back then). Anyone remember that?
>
> Ken Seefried, CISSP

--
"... being a Linux user is sort of like living in a house inhabited by a large family of carpenters and architects. Every morning when you wake up, the house is a little different. Maybe there is a new turret, or some walls have moved. Or perhaps someone has temporarily removed the floor under your bed." - Unix for Dummies, 2nd Edition -- found in the .sig of Rob Riggs, [EMAIL PROTECTED]