Re: setuids() like setgroups() ?

Alan Cox (alan@lxorguk.ukuu.org.uk)
Fri, 16 Apr 1999 17:11:40 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jon P. deOng: "Re: Problems with NFS write of setuid executeables"
Previous message: Trond Myklebust: "Re: NFSv3 client for Linux-2.2.5 ready for alpha testing..."
Next in thread: Miquel van Smoorenburg: "Re: setuids() like setgroups() ?"
Reply: Miquel van Smoorenburg: "Re: setuids() like setgroups() ?"

> However, this is very non-standard and the cances of this getting
> implemented are very low, I guess. The reason I am asking this is that
> I am considering hacking Apache and the kernel for UID swtching -
> wondering if it should be a quick&dirty local hack, or something reasonably
> clean so I can try to get it integrated into Linux and Apache.

How do you solve pid reuse ?

> >the authentication server and then it will get a uid back if valid.
> >Its also about 200 lines of code if that for the kernel
>
> Aha, that would be SCM_SETCREDENTIALS ? I'm curious about this. It
> seems to be the easiest (and most probable) solution for now.

Yes. Exactly - it then means that a client can for example pass a request
to a server along with the right for the server to assume its identity. And
vice versa the client can ask the server "I want to become fred = auth is .."
and have the server return "no" or "yes - auth sent"

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jon P. deOng: "Re: Problems with NFS write of setuid executeables"
Previous message: Trond Myklebust: "Re: NFSv3 client for Linux-2.2.5 ready for alpha testing..."
Next in thread: Miquel van Smoorenburg: "Re: setuids() like setgroups() ?"
Reply: Miquel van Smoorenburg: "Re: setuids() like setgroups() ?"