Date: Sun, 13 Jan 2002 07:50:05 -0500 From: Ken Stailey <kstailey@surfbest.net> To: Ken Stailey <kstailey@surfbest.net> Cc: Alan Eldridge <alane@geeksrus.net>, "."@babolo.ru, freebsd-ports@FreeBSD.ORG Subject: Re: ports/33818: Bootable ITS image for KLH-10 PDP-10 emulator Message-ID: <3C41827D.5060908@surfbest.net> References: <200201130013.DAA11901@aaz.links.ru> <3C40D184.1000702@surfbest.net> <20020113061333.GA74245@wwweasel.geeksrus.net> <20020113061850.GA74363@wwweasel.geeksrus.net> <3C417E40.9000504@surfbest.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Ken Stailey wrote: > Alan Eldridge wrote: > >> Another idea is to ascertain what about the network stuff needs to run >> as root, and see if there are ways around the requirement. Or make >> sure it drops priveleges as soon as it does whatever root magic it >> needs to. >> >> Are you a programmer, Ken? Do you have experience in networking code >> so that you could see if there's a way to make it work without running >> as root? >> >> -- Alan Eldridge Pmmfmffmmfmp mmmpppppffmpmfpmpppff PmpMpmMpp ppfppp >> MpfpffmppmppMmpFmmMpm mfpmmmmmfpmpmpppff. >> >> > There's a good chance that this would work. dpimp uses the tunnel > driver like ppp(1). > I'll go see when ppp drops privs and see if dpimp is doing the same > sort of stuff. > ppp does just drop privs. It wrappers certain system calls to make them run as root. socket(2) becomes ID0socket(2) etc. I could probably just use a cut down copy of id.c from src/usr.sbin/ppp and patch dpimp to use it. > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C41827D.5060908>