Date: Wed, 1 Jul 1998 23:34:18 +1000 (EST) From: Darren Reed <avalon@coombs.anu.edu.au> To: avalon@coombs.anu.edu.au (Darren Reed) Cc: easmith@beatrice.rutgers.edu, dg@root.com, security@FreeBSD.ORG, njs3@doc.ic.ac.uk, dima@best.net, abc@ralph.ml.org, tqbf@secnet.com Subject: Re: bsd securelevel patch question Message-ID: <199807011335.GAA16598@hub.freebsd.org> In-Reply-To: <199807011254.FAA12664@hub.freebsd.org> from "Darren Reed" at Jul 1, 98 10:53:10 pm
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Darren Reed, sie said: > > > sigh...the < 1024 port thing keeps coming up. I will try and dig up the > hacks I did to portalfs to provide acl's for listen sockets. > > no stupid extended permissions checks in kernels necessary. well, I dug it up, and it's not really pretty, but it does prove it is possible. the way I set it up to work was to read in the directory structure prior to mount_portal taking it over and then use the file perms in that for access control. this was just an experiment. a better way to do it is to have a separate configuration file for the perms. so that you can edit those whilst mount_portal is still running. I thought I'd had a go at that, but I don't see the code anywhere just now so I'll assume it's not going to be easily found. Darren http://coombs.anu.edu.au/~avalon/mount_portal.tgz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807011335.GAA16598>