From owner-freebsd-net Mon Dec 2 1:15:33 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E992837B401 for ; Mon, 2 Dec 2002 01:15:31 -0800 (PST) Received: from smtp.uc3m.es (smtp01.uc3m.es [163.117.136.121]) by mx1.FreeBSD.org (Postfix) with ESMTP id C8EAC43E88 for ; Mon, 2 Dec 2002 01:15:26 -0800 (PST) (envelope-from jrh@it.uc3m.es) Received: from smtp01.uc3m.es (localhost [127.0.0.1]) by smtp.uc3m.es (Postfix) with ESMTP id 9F2A143256 for ; Mon, 2 Dec 2002 10:15:25 +0100 (CET) Received: from itserv2.lab.it.uc3m.es (itserv2.lab.it.uc3m.es [163.117.144.121]) by smtp01.uc3m.es (Postfix) with ESMTP id 59AD099E72 for ; Mon, 2 Dec 2002 10:15:25 +0100 (CET) Received: from it.uc3m.es (zangano.it.uc3m.es [163.117.140.41]) by itserv2.lab.it.uc3m.es (8.9.3/8.9.3) with ESMTP id KAA27146 for ; Mon, 2 Dec 2002 10:15:25 +0100 Message-ID: <3DEB248E.9333E90@it.uc3m.es> Date: Mon, 02 Dec 2002 10:14:54 +0100 From: Juan Francisco Rodriguez Hervella X-Mailer: Mozilla 4.74 [es] (X11; U; Linux 2.4.18 i686) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@FreeBSD.ORG Subject: Re: Sysctl and root privileges, how could I avoid them ? References: <3DE7A145.18986834@it.uc3m.es> Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org JINMEI Tatuya / $B?@L@C#:H(B escribió: > > >>>>> On Fri, 29 Nov 2002 18:17:57 +0100, > >>>>> Juan Francisco Rodriguez Hervella said: > > > I'm implementing a modification in the > > file "getaddrinfo.c", which calls a sysctlbyname > > function, but the problem is that > > this sysctlbyname function call requires "root" privileges. > > > But I can not expect all the programs linked to > > libinet6 (where getaddrinfo is used) to be executed as root ! > > Perhaps your code tries the write operation of sysctl, in which case > the super user privilege is required by default. If your goal can be > achieved without a write operation, the easiest way would be to just > avoid the write. If you really need a write operation for every user, > you may probably have to reconsider the library design. Since sysctl > tends to affect fundamental behavior of kernel, the required privilege > is basically reasonable and should not be overridden as an easy > compromise. > Are you talking about the flag CTLFLAG_RW ? I'm using req->oldptr == NULL and req->newptr != NULL to add a new element into a kernel table.... and I plan to use req->oldptr & req->newptr != NULL to show the elements of the table... could I instead use CTLFLAG_RO and keep the same access to the buffers ? Excuse me because it might be a foolish question, but I don't know how these flags can affect the behaviour of the sysctl operations... Anyway, I'm going to try different options today :) Thanks! -- JFRH. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message