From: Ed Schouten
To: Alexander Kabaev
Cc: Ed Schouten, src-committers, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Date: Sun, 9 Aug 2015 15:08:01 +0200
Subject: Re: svn commit: r285910 - in head: lib/libc/sys sys/kern sys/sys

Hi Alexander,

2015-08-09 14:55 GMT+02:00 Alexander Kabaev:
> On Sun, 9 Aug 2015 09:37:13 +0200
> It most definitely does work, this is what I have done to get my
> network scripts work again. I wonder if there are other means of
> restricting raw sockets that can be used to achieve the result
> authors of rtsold had hoped for?

Yes, there sure are. We could for example call cap_rights_limit() on
the socket and whitelist the exact set of actions that the program
needs.

That said, it wouldn't make a difference in the end. It looks like
rtsol/rtsold don't seem to drop any privileges or switch credentials
after startup, assuming I haven't overlooked anything. Even if we were
to restrict the raw socket, the process could always open a new one
later on.

I think it would make sense for now to just commit the patch that I
proposed. Will push it into the tree tomorrow.

Thanks,
-- 
Ed Schouten
Nuxi, 's-Hertogenbosch, the Netherlands
KvK/VAT number: 62051717
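
The point made in the message above, as an added example that is not part of the original e-mail or of the FreeBSD tree: a socket limited with cap_rights_limit() rejects a call outside its whitelist, while a socket opened afterwards by the same still-privileged process is unrestricted. The rights set (CAP_SEND, CAP_RECV, CAP_EVENT), the names run_limit_demo and struct limit_demo, and the SO_REUSEADDR probe are assumptions; on systems other than FreeBSD the function fails with ENOSYS.

```c
#include <sys/types.h>
#include <sys/socket.h>
#include <errno.h>
#include <string.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/capsicum.h>   /* <sys/capability.h> before FreeBSD 10.1 */
#endif

/* Hypothetical result record for this example. */
struct limit_demo {
    int blocked_errno;  /* errno from setsockopt() on the limited socket */
    int fresh_ok;       /* 1 if a socket opened afterwards accepts the call */
};

/* Returns 0 on success, -1 with errno set otherwise. */
int run_limit_demo(int domain, int type, int proto, struct limit_demo *d)
{
    memset(d, 0, sizeof(*d));
#ifdef __FreeBSD__
    cap_rights_t rights;
    int on = 1, s, s2, saved;

    if ((s = socket(domain, type, proto)) < 0)
        return -1;
    cap_rights_init(&rights, CAP_SEND, CAP_RECV, CAP_EVENT); /* assumed whitelist */
    if (cap_rights_limit(s, &rights) < 0) {
        saved = errno;
        close(s);
        errno = saved;
        return -1;
    }
    /* CAP_SETSOCKOPT is not in the whitelist: expect ENOTCAPABLE. */
    if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0)
        d->blocked_errno = errno;
    /* The process kept its privileges, so a new socket has full rights. */
    if ((s2 = socket(domain, type, proto)) >= 0) {
        d->fresh_ok = setsockopt(s2, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) == 0;
        close(s2);
    }
    close(s);
    return 0;
#else
    (void)domain; (void)type; (void)proto;
    errno = ENOSYS;     /* Capsicum rights are FreeBSD-specific */
    return -1;
#endif
}
```

Calling it as root with AF_INET6, SOCK_RAW, IPPROTO_ICMPV6 exercises the kind of raw socket the thread is about; an unprivileged run can use AF_INET, SOCK_DGRAM, 0 instead.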