Re: set_his_uid()? [was Re: Changing uid of another process?]

bofh@diegeekdie.com
Tue, 21 Jul 1998 09:44:21 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Chris Wedgwood: "Re: [PATCH] New phys_addr() syscall"
Previous message: JAUME GRANE: "(Possible off-topic) vm errors in large fs operations"

On Mon, Jul 20, 1998 at 07:35:49PM +0200, Alexander Kjeldaas wrote:
> On Mon, Jul 20, 1998 at 11:19:26AM -0400, Zachary Amsden wrote:
>
> - Should you be able to pass on uid/gid without having any sort of
> extra privileges?

I can see reasons both for and against this. A server shouldn't pass uids
around without some kind of authentication (or you'll have no security
anyway). If a "hacked" program can authenticate itself and then pass
the uid to some other program, then it could just have send the
authentication information to the other program and then let that
program fetch an uid from the server. On the other hand, just being
able to pass the authentication information around makes it easier to
understand the logfiles (if the uid passing daemon logs its activities).

/Sebastian

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Chris Wedgwood: "Re: [PATCH] New phys_addr() syscall"
Previous message: JAUME GRANE: "(Possible off-topic) vm errors in large fs operations"