From owner-freebsd-security  Thu Jul  2 05:05:08 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id FAA08234
          for freebsd-security-outgoing; Thu, 2 Jul 1998 05:05:08 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA08205
          for <security@FreeBSD.ORG>; Thu, 2 Jul 1998 05:04:59 -0700 (PDT)
          (envelope-from avalon@coombs.anu.edu.au)
Message-Id: <199807021204.FAA08205@hub.freebsd.org>
Received: by cheops.anu.edu.au
	(1.37.109.16/16.2) id AA252921066; Thu, 2 Jul 1998 22:04:26 +1000
From: Darren Reed <avalon@coombs.anu.edu.au>
Subject: Re: bsd securelevel patch question
To: easmith@beatrice.rutgers.edu (Allen Smith)
Date: Thu, 2 Jul 1998 22:04:26 +1000 (EST)
Cc: avalon@coombs.anu.edu.au, dg@root.com, security@FreeBSD.ORG,
        njs3@doc.ic.ac.uk, dima@best.net, abc@ralph.ml.org, tqbf@secnet.com
In-Reply-To: <9807020126.ZM19413@beatrice.rutgers.edu> from "Allen Smith" at Jul 2, 98 01:26:21 am
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In some mail from Allen Smith, sie said:
> 
> I don't have any way of getting to that currently; could you put that
> on an ftp-accessible spot? There's no link to that from the
> http://coombs.anu.edu.au/~avalon/ page.

ftp://coombs.anu.edu.au/pub/net/misc/mount_portal.tgz

> Does this require that programs access these ports via the portal
> filesystem itself, or is it simply determining permissions this way?

It requires them to use portals.

> If the former, then that's going to cause the same sort of problems
> with porting - including porting security-critical applications - that
> I was mentioning earlier. If the latter, that makes it more
> interesting... although probably still requiring some alterations to
> the group permissions system to make it work right with setuid
> programs, as I was pointing out previously.

Well, if C code compiled calls a socket(2) stub in libc, then that or
the bind or connect could be written to transparently use portals.
Otherwise you need to convert your socket/bind's into an open.

If one was using a more advanced API for sockets than the system calls
which did it all in one call, you'd just rewrite that part of the library.

In that implementation of addings access control to portals, there's too
much fiddly work involved in making it work.

A separate file or other statements in portal.conf could just as easily
(and perhaps better) control access.

Darren

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message