Date: Sun, 01 Dec 2002 13:10:35 +0900 From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= <jinmei@isl.rdc.toshiba.co.jp> To: Juan Francisco Rodriguez Hervella <jrh@it.uc3m.es> Cc: freebsd-net@FreeBSD.ORG, snap-user@kame.net Subject: Re: Sysctl and root privileges, how could I avoid them ? Message-ID: <y7vfztijs5g.wl@ocean.jinmei.org> In-Reply-To: <3DE7A145.18986834@it.uc3m.es> References: <3DE7A145.18986834@it.uc3m.es>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> On Fri, 29 Nov 2002 18:17:57 +0100, >>>>> Juan Francisco Rodriguez Hervella <jrh@it.uc3m.es> said: > I'm implementing a modification in the > file "getaddrinfo.c", which calls a sysctlbyname > function, but the problem is that > this sysctlbyname function call requires "root" privileges. > But I can not expect all the programs linked to > libinet6 (where getaddrinfo is used) to be executed as root ! Perhaps your code tries the write operation of sysctl, in which case the super user privilege is required by default. If your goal can be achieved without a write operation, the easiest way would be to just avoid the write. If you really need a write operation for every user, you may probably have to reconsider the library design. Since sysctl tends to affect fundamental behavior of kernel, the required privilege is basically reasonable and should not be overridden as an easy compromise. JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?y7vfztijs5g.wl>