From owner-freebsd-security Thu Jul 2 05:05:08 1998
Return-Path:
Received: (from majordom@localhost)
	by hub.freebsd.org (8.8.8/8.8.8) id FAA08234
	for freebsd-security-outgoing; Thu, 2 Jul 1998 05:05:08 -0700 (PDT)
	(envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24])
	by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA08205
	for ; Thu, 2 Jul 1998 05:04:59 -0700 (PDT)
	(envelope-from avalon@coombs.anu.edu.au)
Message-Id: <199807021204.FAA08205@hub.freebsd.org>
Received: by cheops.anu.edu.au (1.37.109.16/16.2)
	id AA252921066; Thu, 2 Jul 1998 22:04:26 +1000
From: Darren Reed
Subject: Re: bsd securelevel patch question
To: easmith@beatrice.rutgers.edu (Allen Smith)
Date: Thu, 2 Jul 1998 22:04:26 +1000 (EST)
Cc: avalon@coombs.anu.edu.au, dg@root.com, security@FreeBSD.ORG,
	njs3@doc.ic.ac.uk, dima@best.net, abc@ralph.ml.org, tqbf@secnet.com
In-Reply-To: <9807020126.ZM19413@beatrice.rutgers.edu> from "Allen Smith" at Jul 2, 98 01:26:21 am
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In some mail from Allen Smith, sie said:
>
> I don't have any way of getting to that currently; could you put that
> on an ftp-accessible spot? There's no link to that from the
> http://coombs.anu.edu.au/~avalon/ page.

ftp://coombs.anu.edu.au/pub/net/misc/mount_portal.tgz

> Does this require that programs access these ports via the portal
> filesystem itself, or is it simply determining permissions this way?

It requires them to use portals.

> If the former, then that's going to cause the same sort of problems
> with porting - including porting security-critical applications - that
> I was mentioning earlier. If the latter, that makes it more
> interesting... although probably still requiring some alterations to
> the group permissions system to make it work right with setuid
> programs, as I was pointing out previously.

Well, if C code compiled calls a socket(2) stub in libc, then that or
the bind or connect could be written to transparently use portals.
Otherwise you need to convert your socket/bind's into an open. If one
was using a more advanced API for sockets than the system calls which
did it all in one call, you'd just rewrite that part of the library.

In that implementation of adding access control to portals, there's too
much fiddly work involved in making it work. A separate file or other
statements in portal.conf could just as easily (and perhaps better)
control access.

Darren