From owner-cvs-all Wed Aug 15 13: 6:57 2001
Delivered-To: cvs-all@freebsd.org
Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11])
	by hub.freebsd.org (Postfix) with SMTP
	id B3A2A37B409; Wed, 15 Aug 2001 13:06:43 -0700 (PDT)
	(envelope-from dwmalone@maths.tcd.ie)
Date: Wed, 15 Aug 2001 21:06:37 +0100
From: David Malone
To: Robert Watson
Cc: Mikhail Teterin , alex@big.endian.de, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/etc inetd.conf
Message-ID: <20010815210637.A90115@salmon.maths.tcd.ie>
References: <20010815123315.A35365@walton.maths.tcd.ie>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: ; from rwatson@FreeBSD.org on Wed, Aug 15, 2001 at 12:57:17PM -0400
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

On Wed, Aug 15, 2001 at 12:57:17PM -0400, Robert Watson wrote:
> An approach that might be taken is to have a pair of processes
> -- one with privilege, and one without. The one with privilege would
> communicate via IPC with the low privilege process, and grant specific
> requests via file descriptor passing (such as the binding of sockets,
> opening of devices, etc), limiting the scope of a vulnerability in the
> exposed code. This does add substantial complexity, and has to be
> carefully analyzed so as to determine that it won't leak privileges. We
> have an on-going project as part of our DARPA grant to look at generate
> techniques for partitioning applications this way. You can e-mail
> Lee Badger if you're interested -- he's a co-PI on
> the project, and is focusing on the application impact of privilege.

I've plans for crontab in this line, which I'll work on once I commit
my Unix Domain patches to -current. I think other people may also
be working on programs in this area.

	David.

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
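
The privileged/unprivileged process pair described in the quoted text, as an added example that is not part of the original message or of any FreeBSD source: a monitor grants one specific request by passing an open descriptor over a Unix domain socket with SCM_RIGHTS, and refuses everything else by closing the channel. The function names, the request code 'N' and the choice of /dev/null as the granted device are assumptions made for illustration, and the worker does not actually call setuid() here so that the example runs without root.

```c
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

typedef union { struct cmsghdr align; char buf[CMSG_SPACE(sizeof(int))]; } fdmsg;

static int send_fd(int sock, int fd) {   /* monitor -> worker, as SCM_RIGHTS */
    fdmsg u = { .buf = { 0 } };
    struct iovec iov = { .iov_base = "", .iov_len = 1 };   /* one dummy byte */
    struct msghdr m = { .msg_iov = &iov, .msg_iovlen = 1,
                        .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&m);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof fd);
    memcpy(CMSG_DATA(c), &fd, sizeof fd);
    return sendmsg(sock, &m, 0) == 1 ? 0 : -1;
}

static int recv_fd(int sock) {           /* -1 on EOF (refused) or bad message */
    int fd = -1;
    fdmsg u;
    struct iovec iov = { .iov_base = (char[1]){ 0 }, .iov_len = 1 };
    struct msghdr m = { .msg_iov = &iov, .msg_iovlen = 1,
                        .msg_control = u.buf, .msg_controllen = sizeof u.buf };
    if (recvmsg(sock, &m, 0) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&m);
    if (c && c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_RIGHTS)
        memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}

int privsep_demo(char req) {   /* 1 = descriptor granted and usable, 0 = refused */
    int sv[2], st = 0, fd = -1;
    pid_t pid;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0 || (pid = fork()) < 0) return -1;
    if (pid == 0) {    /* worker: a real one has dropped privilege (setuid) by now */
        close(sv[0]);  /* must not hold the monitor's end, or EOF never arrives */
        if (write(sv[1], &req, 1) == 1) fd = recv_fd(sv[1]);
        _exit(fd >= 0 && write(fd, "x", 1) == 1 ? 0 : 1);
    }
    close(sv[1]);      /* monitor: keeps privilege, parses one byte, grants only 'N' */
    if (read(sv[0], &req, 1) == 1 && req == 'N' && (fd = open("/dev/null", O_WRONLY)) >= 0) {
        send_fd(sv[0], fd);
        close(fd);     /* the worker's copy stays open; the monitor's is not needed */
    }
    close(sv[0]);      /* on refusal the worker only ever sees EOF */
    return waitpid(pid, &st, 0) == pid && WIFEXITED(st) && WEXITSTATUS(st) == 0;
}
```

The worker never supplies a path: it sends a request code, and the monitor maps that code to a resource it chose itself, which keeps the privileged side's parsing to a single byte.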