Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 02 Dec 2002 10:14:54 +0100
From:      Juan Francisco Rodriguez Hervella <jrh@it.uc3m.es>
To:        freebsd-net@FreeBSD.ORG
Subject:   Re: Sysctl and root privileges, how could I avoid them ?
Message-ID:  <3DEB248E.9333E90@it.uc3m.es>
References:  <3DE7A145.18986834@it.uc3m.es> <y7vfztijs5g.wl@ocean.jinmei.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
JINMEI Tatuya / $B?@L@C#:H(B escribió:
> 
> >>>>> On Fri, 29 Nov 2002 18:17:57 +0100,
> >>>>> Juan Francisco Rodriguez Hervella <jrh@it.uc3m.es> said:
> 
> > I'm implementing a modification in the
> > file "getaddrinfo.c", which calls a sysctlbyname
> > function, but the problem is that
> > this sysctlbyname function call requires "root" privileges.
> 
> > But I can not expect all the programs linked to
> > libinet6 (where getaddrinfo is used) to be executed as root !
> 
> Perhaps your code tries the write operation of sysctl, in which case
> the super user privilege is required by default.  If your goal can be
> achieved without a write operation, the easiest way would be to just
> avoid the write.  If you really need a write operation for every user,
> you may probably have to reconsider the library design.  Since sysctl
> tends to affect fundamental behavior of kernel, the required privilege
> is basically reasonable and should not be overridden as an easy
> compromise.
> 


Are you talking about the flag CTLFLAG_RW ? I'm using req->oldptr ==
NULL and
req->newptr != NULL to add a new element into a kernel table.... and I
plan
to use req->oldptr & req->newptr != NULL to show the elements of the
table...

could I instead use CTLFLAG_RO and keep the same access
to the buffers ? Excuse me because it might be a foolish question, but I
don't
know how these flags can affect the behaviour of the sysctl
operations...

Anyway, I'm going to try different options today :)

Thanks!

-- 
JFRH.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DEB248E.9333E90>