Date: Sun, 13 Jan 2002 08:04:30 -0500 From: Ken Stailey <kstailey@surfbest.net> To: Ken Stailey <kstailey@surfbest.net> Cc: Alan Eldridge <alane@geeksrus.net>, "."@babolo.ru, freebsd-ports@FreeBSD.ORG Subject: Re: ports/33818: Bootable ITS image for KLH-10 PDP-10 emulator Message-ID: <3C4185DE.3020506@surfbest.net> References: <200201130013.DAA11901@aaz.links.ru> <3C40D184.1000702@surfbest.net> <20020113061333.GA74245@wwweasel.geeksrus.net> <20020113061850.GA74363@wwweasel.geeksrus.net> <3C417E40.9000504@surfbest.net> <3C41827D.5060908@surfbest.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Ken Stailey wrote: > Ken Stailey wrote: > >> Alan Eldridge wrote: >> >>> Another idea is to ascertain what about the network stuff needs to run >>> as root, and see if there are ways around the requirement. Or make >>> sure it drops priveleges as soon as it does whatever root magic it >>> needs to. >>> >>> Are you a programmer, Ken? Do you have experience in networking code >>> so that you could see if there's a way to make it work without running >>> as root? >>> >>> -- Alan Eldridge Pmmfmffmmfmp mmmpppppffmpmfpmpppff PmpMpmMpp ppfppp >>> MpfpffmppmppMmpFmmMpm mfpmmmmmfpmpmpppff. >>> >>> >> There's a good chance that this would work. dpimp uses the tunnel >> driver like ppp(1). >> I'll go see when ppp drops privs and see if dpimp is doing the same >> sort of stuff. >> > ppp does just drop privs. It wrappers certain system calls to make > them run as root. > socket(2) becomes ID0socket(2) etc. I could probably just use a cut > down copy of > id.c from src/usr.sbin/ppp and patch dpimp to use it. Oops, I meant "doesn't just". Anyway I tested running klh-10 from my user account with just dpimp setuid root and it works just like I expected it too. Never hurts to test. :) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C4185DE.3020506>