Re: [LEDE-DEV] running stuff as !root

2016-05-18 Thread Radu Anghel
/* sending again because i hit 'reply' instead of 'reply all' :) */ On Wed, May 18, 2016 at 8:29 AM, John Crispin wrote: > > ok, there had been some discussion about building a super daemon that > runs, then ld-preloading bind() and co and using ubus to transport > sockets around. using caps or /

Re: [LEDE-DEV] running stuff as !root

2016-05-18 Thread Radu Anghel
On Wed, May 18, 2016 at 9:25 AM, John Crispin wrote: > > to elaborate, imagine dnsmasq running inside a jailm where ut only > thinks it is root but is not in reality. also ld-preloading bind and > connect would allow us to do pretty adavnced stuff like only allowing > dnsmasq to open certain ports

Re: [LEDE-DEV] running stuff as !root

2016-05-18 Thread Radu Anghel
Replying to myself :) On Wed, May 18, 2016 at 10:53 AM, Radu Anghel wrote: > > step 1. add users to /etc/passwd (in the pre/post-install script > probably, trying to use same uid/gid as major distributions would be > nice) > step 2. add config option for user/group in the relev