Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 13 Jan 2002 07:50:05 -0500
From:      Ken Stailey <kstailey@surfbest.net>
To:        Ken Stailey <kstailey@surfbest.net>
Cc:        Alan Eldridge <alane@geeksrus.net>, "."@babolo.ru, freebsd-ports@FreeBSD.ORG
Subject:   Re: ports/33818: Bootable ITS image for KLH-10 PDP-10 emulator
Message-ID:  <3C41827D.5060908@surfbest.net>
References:  <200201130013.DAA11901@aaz.links.ru> <3C40D184.1000702@surfbest.net> <20020113061333.GA74245@wwweasel.geeksrus.net> <20020113061850.GA74363@wwweasel.geeksrus.net> <3C417E40.9000504@surfbest.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Ken Stailey wrote:

> Alan Eldridge wrote:
>
>> Another idea is to ascertain what about the network stuff needs to run
>> as root, and see if there are ways around the requirement. Or make
>> sure it drops priveleges as soon as it does whatever root magic it
>> needs to.
>>
>> Are you a programmer, Ken? Do you have experience in networking code
>> so that you could see if there's a way to make it work without running
>> as root?
>>
>> -- Alan Eldridge Pmmfmffmmfmp mmmpppppffmpmfpmpppff PmpMpmMpp ppfppp
>> MpfpffmppmppMmpFmmMpm mfpmmmmmfpmpmpppff.
>>
>>
> There's a good chance that this would work.  dpimp uses the tunnel 
> driver like ppp(1).
> I'll go see when ppp drops privs and see if dpimp is doing the same 
> sort of stuff.
>
ppp does just drop privs.  It wrappers certain system calls to make them 
run as root.
socket(2) becomes ID0socket(2) etc.  I could probably just use a cut 
down copy of
id.c from src/usr.sbin/ppp and patch dpimp to use it.

>




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C41827D.5060908>