Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 10 Jun 2014 17:50:51 +0100
From: Laurent Bercot <ska-dietlibc@...rnet.org>
To: musl@...ts.openwall.com
Subject: Re: musl 1.0.x branch

On 10/06/2014 17:03, Rich Felker wrote:

> FYI you can emulate the usefulness of suid, without the danger, by
> having a daemon on a unix socket that you connect to which provides
> the functionality. This is a vastly superior design because there is
> exactly one input channel to the code running with elevated privileges
> (the socket) as opposed to unboundedly many (environment, open fds,
> resource limits, working directory, priority, signal mask and
> dispositions, cpu affinity, ... and whatever else the kernel folks add
> in the future).

  And now there are even programs designed to help you do exactly that:
  http://skarnet.org/software/s6-networking/s6-sudo.html
  (Shameless plug of the day: achieved)

  However, despite being a good solution for noninteractive programs, the
unix socket mechanism isn't perfect. There are a lot of things it cannot
transmit without significant trouble - in particular terminals and
everything job-control-related, and signals, etc. I've done quite a bit
of thinking while writing s6-sudo, and my conclusion was that it's a
daunting task to get everything working properly with programs that
need a terminal; it would require ugly wrappers à la ptyget, and more.
I'm not convinced it's even worth trying, as opposed to tackling the
existing terminal-using privilege-granting programs and kicking the
suid out of them.

-- 
  Laurent

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.