Date: Fri, 8 Jan 1999 16:42:48 +0300
From: Vadim Kolontsov <vadim@tversu.ru>
To: Eivind Eklund <eivind@FreeBSD.ORG>
Cc: Guido van Rooij <guido@gvr.org>, Don Lewis <Don.Lewis@tsc.tdk.com>, freebsd-security@FreeBSD.ORG
Subject: Re: kernel/syslogd hack
Message-ID: <19990108164248.A10764@tversu.ru>
In-Reply-To: <19990108141005.F348@follo.net>; from Eivind Eklund on Fri, Jan 08, 1999 at 02:10:05PM +0100
References: <vadim@tversu.ru> <199901060039.QAA13314@salsa.gv.tsc.tdk.com> <19990106094701.A28727@tversu.ru> <19990107214242.A1721@gvr.org> <19990108141005.F348@follo.net>

Hi,

On Fri, Jan 08, 1999 at 02:10:05PM +0100, Eivind Eklund wrote:

> I think we need to fix the interface here; forcing the client to 'give
> ID' is IMO bad for security (it is somewhat good for privacy,
> though...)

Currently only the client can initiate a credentials transfer (using
sendmsg() and SCM_CRED). Maybe we can add a socket option (like
SO_LOCALCREDS), so the server would be able to set it on the socket and
use recvmsg() instead of recvfrom().

In uipc_send (kern/uipc_usrreq.c) we can check not only for SCM_CRED in
the sender's msg_flags, but for SO_LOCALCREDS on the target socket too.
So the SCM_CREDS scheme will become symmetrical. And usable for syslogd :)

Regards,
V.

--
Vadim Kolontsov
Tver Internet Center NOC

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message