From owner-freebsd-hackers Sun Nov 7 0: 8:32 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from kithrup.com (kithrup.com [205.179.156.40]) by hub.freebsd.org (Postfix) with ESMTP id 3001715102 for ; Sun, 7 Nov 1999 00:07:47 -0800 (PST) (envelope-from sef@kithrup.com) Received: (from sef@localhost) by kithrup.com (8.8.8/8.8.8) id AAA01199; Sun, 7 Nov 1999 00:07:47 -0800 (PST) (envelope-from sef) Date: Sun, 7 Nov 1999 00:07:47 -0800 (PST) From: Sean Eric Fagan Message-Id: <199911070807.AAA01199@kithrup.com> To: hackers@freebsd.org Reply-To: hackers@freebsd.org Subject: Re: Procfs' pointers to files. In-Reply-To: <38252A5C.2C388485.kithrup.freebsd.hackers@newsguy.com> References: Organization: Kithrup Enterprises, Ltd. Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In article <38252A5C.2C388485.kithrup.freebsd.hackers@newsguy.com> you write: >Brian Fundakowski Feldman wrote: >> It sounds to me that what you really want are the semantics of a >> symbolic link and not the semantics of a hard link. Is it just me, >> or does it seem as if the pathname of the executable being stored as >> a virtual symlink in procfs as "file" would solve these security >> problems? >Mmmmm... I like that... I don't, but what I like doesn't matter, it seems -- Warner knows everything. So I'm sure he knows better than I do the overhead this will impose, and the impracticality in a general system. Unix really isn't set up to carry around 'official pathnames,' due to the existence of symlinks and other fun stuff. Other systems are set up for this -- my favourite was EMBOS, by ELXSI -- and there are some _really_ nifty things you can do, if you have it. (Watchdogs and program-based-access-lists are my two favourite, the latter allowing you to get rid of SUID/SGID in many cases. There is a paper available on implementing watchdogs under unix [4.2bsd, I believe] that discusses some of this. If you're willing to cover 60-80% of the cases, instead of 95-100%, it's considerably easier.) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message