From owner-freebsd-security  Wed Jun 24 13:21:27 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id NAA19914
          for freebsd-security-outgoing; Wed, 24 Jun 1998 13:21:27 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from heron.doc.ic.ac.uk (jYlWUNIt8nINvxRKdVNokJQhhQ6heUs2@heron.doc.ic.ac.uk [146.169.46.3])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id NAA19865
          for <security@freebsd.org>; Wed, 24 Jun 1998 13:21:10 -0700 (PDT)
          (envelope-from njs3@doc.ic.ac.uk)
Received: from oak67.doc.ic.ac.uk [146.169.33.67] ([CGRB3r+s+pXyR5Ntl2evJ+2ZG1rfBpCo])
	by heron.doc.ic.ac.uk with smtp (Exim 1.62 #3)
	id 0yow24-0002Yu-00; Wed, 24 Jun 1998 21:20:40 +0100
Received: from njs3 by oak67.doc.ic.ac.uk with local (Exim 1.62 #3)
	id 0yow23-00039B-00; Wed, 24 Jun 1998 21:20:39 +0100
From: njs3@doc.ic.ac.uk (Niall Smart)
Date: Wed, 24 Jun 1998 21:20:39 +0100
In-Reply-To: David Greenman <dg@root.com>
       "Re: bsd securelevel patch question" (Jun 24, 11:47am)
X-Mailer: Mail User's Shell (7.2.5 10/14/92)
To: dg@root.com, tqbf@pobox.com
Subject: Re: bsd securelevel patch question
Cc: easmith@beatrice.rutgers.edu (Allen Smith), njs3@doc.ic.ac.uk,
        dima@best.net, security@FreeBSD.ORG, abc@ralph.ml.org, tqbf@secnet.com
Message-Id: <E0yow23-00039B-00@oak67.doc.ic.ac.uk>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> for granting access to privileged resources and capabilities. I think the
> best way to handle this, however, is with a file ACL mechanism that allows
> for the specification of privileges as and extension of the access control
> information. On the other hand, in VMS, special privileges can be granted to

Of course, this implies that all permissions can be represented in
the filesystem.  I can imagine a /dev/socket/inet/xyz mechanism which
allows a process to bind to a specific port or /dev/raw which allows
them to create a raw socket etc etc.  This gets somewhat messy for the
above example since it is difficult to administer things like ranges
(eg ports 0 to 1024) using a single device file for each element in that
range, and any other approach (e.g. /dev/socket/inet/0-1024) seems to
lose the cleanliness offered by the "single file for everything" approach.

Niall

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message