Date: Tue, 10 Jun 1997 10:04:50 +0200 From: lada@ws6303.gud.siemens.at (Hr.Ladavac) To: luigi@iet.unipi.it, xaa@stack.nl Cc: hackers@FreeBSD.ORG Subject: Re: your rtprio stuff Message-ID: <199706100804.KAA17947@ws6423.gud.siemens.at>
next in thread | raw e-mail | index | archive | help
> From owner-freebsd-hackers@FreeBSD.ORG Tue Jun 10 09:30:53 MET 1997 > Date: Mon, 9 Jun 1997 23:09:27 +0200 > From: Mark Huizer <xaa@stack.nl> > To: Luigi Rizzo <luigi@iet.unipi.it> > Cc: hackers@FreeBSD.ORG > Subject: your rtprio stuff > Mime-Version: 1.0 > X-Loop: FreeBSD.org > > > 2) (major problem) rtprio does not allow the necessary priority > > settings if not superuser; but it cannot be made suid root since > > it does not drop priority before execing the requested process. > > Of the following two fixes: > > > > a) modify the rtprio syscall so that it can set realtime priority > > for a restricted set of users (but then, how to configure this > > set ?); > > > > b) modify the rtprio(1) command so that it can run suid-root, by > > allowing RTP_SET for a configurable class of users (e.g. > > /etc/rtprio.users) and calling setuid to restore the real uid > > before calling execvp > > If you don't mind the risk of letting them run other commands in real time, > you could of course use commands like sudo or opcom that will give > selected users root-privs without su for certain commands Or, how about a suid root rtprio wrapper that does (among all) ... rtprio() execve( "your_real_executable" ... ) ... /Marino > > Mark >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706100804.KAA17947>