From owner-freebsd-hackers Wed Nov 15 9:15:59 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 742C537B4E5 for ; Wed, 15 Nov 2000 09:15:54 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id eAFHFpR17686; Wed, 15 Nov 2000 10:15:51 -0700 (MST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id KAA56762; Wed, 15 Nov 2000 10:15:51 -0700 (MST) Message-Id: <200011151715.KAA56762@harmony.village.org> To: Peter Pentchev Subject: Re: changing a running process's credentials Cc: Alfred Perlstein , freebsd-hackers@FreeBSD.ORG In-reply-to: Your message of "Wed, 15 Nov 2000 19:01:35 +0200." <20001115190135.E309@ringworld.oblivion.bg> References: <20001115190135.E309@ringworld.oblivion.bg> <20001115161316.C309@ringworld.oblivion.bg> <20001115084722.I29448@fw.wintelcom.net> Date: Wed, 15 Nov 2000 10:15:51 -0700 From: Warner Losh Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20001115190135.E309@ringworld.oblivion.bg> Peter Pentchev writes: : Hmm.. I've also received two private mails so far, pointing me to setuid(). : The problem is, I want to force a new UID on *another* process without : its knowledge. setuid() only works on the process invoking it, so : both the 'force' and the 'without its knowledge' part fall by the wayside :( I think the reaction to this by the security officer team would be a) extreme and b) negative. The security implications are huge. : The security implications I meant have to do with the ability to provide : either a tool or a sysctl to change the uid of any running process : on the system - that would have to include stringent controls on exactly : who and why uses this tool/sysctl. I have some ideas about this, : but they need some more grinding before they're ready to be tossed : at the world for discussion (and dissing ;) I'd make it a full syscall, not just a sysctl. I'd also make sure that only root and no body else could use it. Maybe I should back up a step and ask what it is you are trying to accomplish here. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message