Firewall Wizards mailing list archives
Re: Ports and privileges
From: tqbf () secnet com
Date: Sat, 21 Feb 1998 18:26:34 -0600 (CST)
A very easy way to do this is to make portalfs better and have them use sockets acquired in that manner.
You can already do this without portalfs using credential passing; there was some momentum at OpenBSD for writing a "privileged port" daemon that would accept descriptors from processes and fstat() them to find out who the client was, and then pass back (if the client was authorized) a descriptor for an open bound privileged port (or even a port that had completed an rcmd() exchange). ----------------------------------------------------------------------------- Thomas H. Ptacek Secure Networks, Inc. ----------------------------------------------------------------------------- http://www.enteract.com/~tqbf "mmm... sacrilicious"
Current thread:
- Ports and privileges Chris Pugrud (Feb 20)
- Re: Ports and privileges James W. Abendschan (Feb 24)
- Re: Ports and privileges tqbf (Feb 25)
- Re: Ports and privileges James W. Abendschan (Feb 25)
- Re: Ports and privileges tqbf (Feb 25)
- Re: Ports and privileges Bernhard Schneck (Feb 27)
- Re: Ports and privileges tqbf (Feb 28)
- Re: Ports and privileges James W. Abendschan (Feb 27)
- Re: Ports and privileges tqbf (Feb 25)
- Re: Ports and privileges James W. Abendschan (Feb 24)
- <Possible follow-ups>
- Re: Ports and privileges tqbf (Feb 21)
- Re: Ports and privileges Darren Reed (Feb 21)
- Re: Ports and privileges tqbf (Feb 21)
- Re: Ports and privileges Vinci Chou (Feb 24)
- Re: Ports and privileges Bret McDanel (Feb 25)
- Re: Ports and privileges tqbf (Feb 27)
- Re: Ports and privileges Doug Hughes (Feb 27)
- Re: Ports and privileges Joseph S. D. Yao (Feb 27)
- Re: Ports and privileges Darren Reed (Feb 21)
- Re: Ports and privileges tqbf (Feb 24)
- Re: Ports and privileges John Lines (Feb 25)