Date: Thu, 21 Aug 2003 17:09:58 -0400
From: ari <edelkind-freebsd-hackers@episec.com>
To: freebsd-hackers@freebsd.org, flowpriv@episec.com
Subject: Re: [future patch] dropping user privileges on demand
Message-ID: <20030821210958.GC55671@episec.com>
In-Reply-To: <20030821204403.GN47959@garage.freebsd.pl>
References: <20030817181315.GL55671@episec.com> <20030821065854.GA11586@dan.emsphone.com> <20030821125028.GY55671@episec.com> <20030821162156.GL47959@garage.freebsd.pl> <20030821170915.GZ55671@episec.com> <20030821204403.GN47959@garage.freebsd.pl>

nick@garage.freebsd.pl said this stuff:

> As I said. Stuff like systrace or cerb doesn't need to be standardized,
> because it is transparent for applications. It doesn't need any work from
> userland application programmer. That's why it is easy to adopt for
> non-BSD-licensed applications or even for non-open-source applications.

This is precisely why I began working on the project. What's transparent to applications is not transparent to administrators. So instead of having one programmer (or even a group of programmers) "fix" the code, you have every administrator correct for it. Of course, it would be best if every administrator verified that it acted properly anyway, but that's simply not going to happen.

Sure, some programmers are lazy. Some programmers don't care. But some will benefit, and that's what matters. This isn't intended to solve all the world's coding problems. It will probably never be used by as many programmers as systrace will by administrators. It's just furthering the unix mentality of shedding privileges, without granting additional ones.

You seem to think that the idea is a security hack. It isn't. It's more of a security model.

ari