Date: Mon, 20 Aug 2001 03:32:57 -0400 (EDT) From: "Andrew R. Reiter" <arr@watson.org> To: Robert Watson <rwatson@freebsd.org> Cc: audit@freebsd.org, security@freebsd.org Subject: Re: login_cap Message-ID: <Pine.NEB.3.96L.1010820032539.37585A-100000@fledge.watson.org> In-Reply-To: <Pine.NEB.3.96L.1010819201254.34466B-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Cool, a response :-) I actually didn't know about setlogincontext() until you mentioned it now. After browsing the login_class.c source, this does seem like a good thing to utilize -- perhaps a patch to the man page would help too. I wonder if it's wise if we come up with a list of pieces of code that we should start moving setlogincontext() into? My first shot would be to go for the set{u,g}id program and network daemons. Thoughts? Cheers, Andrew On Sun, 19 Aug 2001, Robert Watson wrote: : :Would this make use of the setlogincontext() code in libutil? If so, I'd :be very happy to see that used more pervasively through the system. In :particular, using LOGIN_SETALL with appropriate bits substracted, rather :than specifying individual bits. The reasoning for this is that my MAC :code uses a new LOGIN_SETLABEL flag, and I noticed a number of existing :uses of setlogincontext() that set only specific bits but leave out parts :of the context setup. Likewise, places in the system where uids/etc are :manually configured, resulting in incorrect setting of additional groups, :resource limits, etc. Given that appropriate enforcement of system :resource limits is now vital to maintaining multi-user systems, being :consistent about enforcing them in all situations is very important. : :Robert N M Watson FreeBSD Core Team, TrustedBSD Project :robert@fledge.watson.org NAI Labs, Safeport Network Services : :On Fri, 17 Aug 2001, Andrew R. Reiter wrote: : :> Hey, :> :> Im wondering if there's any real interest for patches to be made for some :> services so that they do login class, etc authentication? Such an example :> would be for atrun.c in libexec/atrun/. :> :> In my opinion, it is probably worth doing and getting commited, but if no :> one would commit the patches, I dont see a point in doing them :-) :> :> btw, if you're unfamiliar with login caps, check out login_cap(3) and :> login_class(3). :> :> Andrew :> :> *-------------................................................. :> | Andrew R. Reiter :> | arr@fledge.watson.org :> | "It requires a very unusual mind :> | to undertake the analysis of the obvious" -- A.N. Whitehead :> :> :> To Unsubscribe: send mail to majordomo@FreeBSD.org :> with "unsubscribe freebsd-security" in the body of the message :> : : *-------------................................................. | Andrew R. Reiter | arr@fledge.watson.org | "It requires a very unusual mind | to undertake the analysis of the obvious" -- A.N. Whitehead To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010820032539.37585A-100000>