From owner-cvs-all Thu Sep 20 8:40:18 2001 Delivered-To: cvs-all@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 98ED237B41D; Thu, 20 Sep 2001 08:40:11 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.6/8.11.5) with SMTP id f8KFaqB11240; Thu, 20 Sep 2001 11:36:52 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Thu, 20 Sep 2001 11:36:52 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Alfred Perlstein Cc: Brian Somers , Ruslan Ermilov , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/net rtsock.c In-Reply-To: <20010920100654.W61456@elvis.mu.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, 20 Sep 2001, Alfred Perlstein wrote: > I know this change was done in the interests of security, however > traditionally, holding and using an open descriptor that was opened at a > higher privledge level is the way UNIX has worked. I think this ought > to be backed out. This is not true in a number of important cases, including the binding of low port numbers in the IP stack, in several network ioctl's (including interface configuration), IPSec policy configuration, PPP and other network pseudo-device, configration, all of which use the current process credential instead of the cached credential. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message