On 7 May 2001, Dag-Erling Smorgrav wrote:
> Alfred Perlstein <[EMAIL PROTECTED]> writes:
> > The silly part of it is that the socket's initial credentials
> > might be different than the holder's credentials.
>
> That's a feature, just like you can open /dev/io as root, then drop
> root privs and do direct I/O to your heart's content even if you're no
> longer root.
>
> DES

That feature is undesirable in some places, however. As an example,
sockets passed from a daemon running as root to child processes as nobody
still have root privs on the sockets. As such, you can't use sbsize
limiting or ipfw's uid-based tracking on apache and presumably any other
root spawning, priv dropping daemons.

Patching the net code to drop the privs to match those of the accepting
connection was easy, though I didn't test enough to check if it broke the
/dev/io case or others.

Mike "Silby" Silbersack