Date: Thu, 25 May 2000 01:41:38 -0400 From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: Nick Sayer <nsayer@sftw.com>, freebsd-hackers@FreeBSD.ORG Subject: Re: Needed: suid library calls (was Re: cvs commit: src/crypto/openssh sshd_config) Message-ID: <392CBD12.55788BBB@vangelderen.org> References: <sheldonh@uunet.co.za> <20000524090528.ECF641CE1@overcee.netplex.com.au> <20000524022840.C79861@freebsd.org> <200005241446.KAA60257@khavrinen.lcs.mit.edu> <20000524075921.A53829@freebsd.org> <200005241709.NAA60822@khavrinen.lcs.mit.edu> <20000524105558.A3407@freebsd.org> <200005241853.OAA61188@khavrinen.lcs.mit.edu> <392C3E40.E0D8974D@vangelderen.org> <392C60F1.91EDC30D@sftw.com> <200005250211.TAA78261@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Dillon wrote: > > :"Jeroen C. van Gelderen" wrote: > : > :> [...] > :> > :> Since user authentication is needed by more than one program it > :> should live in it's own process. Right now there is code > :> duplication and it is impossible to change the authentication > :> policy without messing with sshd. > :> > : > :What we _really_ need is some mechanism to recognize the difference > :between a user program and a system library, with an eye towards > :granting privileges to trusted libraries without letting those privileges > :leak past the library in question. > > Oh god, its MULTICS! Run! Run! Run for the hills! Hold on! I only spoke the first part, mind your quoting pleaz! Cheers, Jeroen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?392CBD12.55788BBB>