Proposed change to route(4) sockets to make them available to non-superuser
From: Ruslan Ermilov (ru@FreeBSD.org)
Date: 08/30/01
- Next message: Cy Schubert - ITSD Open Systems Group: "Re: ports/29137: Brand New Tripwire-2.3.1 Port (fwd)"
- Previous message: Anders Nor Berle: "Re: ports/29137: Brand New Tripwire-2.3.1 Port (fwd)"
- Next in thread: Garrett Wollman: "Proposed change to route(4) sockets to make them available to non-superuser"
- Reply: Garrett Wollman: "Proposed change to route(4) sockets to make them available to non-superuser"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 30 Aug 2001 14:58:40 +0300 From: Ruslan Ermilov <ru@FreeBSD.org> To: net@FreeBSD.org, security@FreeBSD.org
Hi!
The attached patch allows non-superuser to open, listen to, and send
safe commands on the routing socket. Superuser privilege is required
for all commands but RTM_GET.
This has been in NetBSD and OpenBSD since 1997. This also allows us
to drop setuid root privilege from the route(8) command.
I would like to commit this patch on Monday if I hear no reasonable
objections.
Cheers,
-- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- text/plain attachment: p
- Next message: Cy Schubert - ITSD Open Systems Group: "Re: ports/29137: Brand New Tripwire-2.3.1 Port (fwd)"
- Previous message: Anders Nor Berle: "Re: ports/29137: Brand New Tripwire-2.3.1 Port (fwd)"
- Next in thread: Garrett Wollman: "Proposed change to route(4) sockets to make them available to non-superuser"
- Reply: Garrett Wollman: "Proposed change to route(4) sockets to make them available to non-superuser"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
