From owner-freebsd-arch  Tue Feb 19 19:39:28 2002
Delivered-To: freebsd-arch@freebsd.org
Received: from mail.nsu.ru (mx.nsu.ru [193.124.215.71])
	by hub.freebsd.org (Postfix) with ESMTP
	id C4A0037B404; Tue, 19 Feb 2002 19:39:14 -0800 (PST)
Received: from regency.nsu.ru ([193.124.210.26] helo=cytherea.weblab.nsu.ru)
	by mail.nsu.ru with esmtp (Exim 3.20 #1)
	id 16dNav-0003yV-00; Wed, 20 Feb 2002 09:39:01 +0600
Received: (from danfe@localhost)
	by cytherea.weblab.nsu.ru (8.11.6/8.11.6) id g1K3dXG80972;
	Wed, 20 Feb 2002 09:39:33 +0600 (NOVT)
	(envelope-from danfe)
Date: Wed, 20 Feb 2002 09:39:33 +0600
From: Alexey Dokuchaev <danfe@cytherea.weblab.nsu.ru>
To: Robert Watson <rwatson@freebsd.org>
Cc: arch@freebsd.org, ipfw@freebsd.org
Subject: Re: Improvements to ipfw code (followup)
Message-ID: <20020220093933.A78191@cytherea.weblab.nsu.ru>
References: <20020219165630.A62749@cytherea.weblab.nsu.ru> <Pine.NEB.3.96L.1020219113924.388H-100000@fledge.watson.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <Pine.NEB.3.96L.1020219113924.388H-100000@fledge.watson.org>; from rwatson@freebsd.org on Tue, Feb 19, 2002 at 11:40:03AM -0500
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-arch.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-arch>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-arch>
X-Loop: FreeBSD.ORG

On Tue, Feb 19, 2002 at 11:40:03AM -0500, Robert Watson wrote:
> Just as a slight follow-up I should have included in my earlier e-mail:
> the merging of ucred and pcred should make this patch now be able to
> support real and saved uids/gids as well as effective uids/gids, meaning
> that it can be used to also restrict setuid applications such as ping.

Cool!  Right now I am cleaning up this 5-year old patch to catch up with
current IPFW code, fixing possible bugs, and separating optimizations
and features stuff for easier reviewing and testing.  I like the idea of
supporting real and saved uids/gids as well as effective ones, I think
I will include this functionality as soon as I get the whole thing working
with current -CURRENT.

Regs,
Alexey Dokuchaev

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message