Date: Tue, 8 Jul 1997 17:00:18 -0400 (EDT)
From: George Robbins <grr@shandakor.tharsis.com>
To: adam@homeport.org, robert@cyrus.watson.org
Cc: freebsd-security@freebsd.org, tech@openbsd.org
Subject: Re: Security Model/Target for FreeBSD or 4.4?
Message-ID: <199707082100.RAA02949@shandakor.tharsis.com>

> From: Robert Watson <robert@cyrus.watson.org>
> To: Adam Shostack <adam@homeport.org>
> cc: freebsd-security@freebsd.org, tech@openbsd.org
> Subject: Re: Security Model/Target for FreeBSD or 4.4?
>
> With regards to gid vs. uid -- is either one of these preferable for any
> particular reason? gid may be more flexible, I guess, as it would allow
> multiple users to bind the same ports, but without having rights to each
> other's processes, and as such allow a simpler minimum configuration.

I don't want to sound like a grinch, but this seems like a poor direction
to be headed in.

The kernel is blessedly free of "special values" for UID's and GID's. Like
one really special UID=0 (*) and done with it.

File system protections are the general access control method and if you
want to lay out something with a lot of cases, this should be given first
consideration.

(*) there are other special values, but typically the kernel does not
explicitly test for them, they fail to be 0 or fail to match an opaque
ID. Not even sure there are any special GID's, the group 0 allowed to
su can be handled at the applications level.

Groge