[future patch] dropping user privileges on demand
Pawel Jakub Dawidek
nick at garage.freebsd.pl
Thu Aug 21 09:21:08 PDT 2003
On Thu, Aug 21, 2003 at 08:50:28AM -0400, ari wrote:
+> However, systrace is a good bit more complex than this should be, and
+> the performance penalty can be significant. Neither programmers nor
+> admins should be expected to implement something that slows down their
+> programs on a wide scale, even if it would be advisable from a security
+> standpoint. The implementation of flowpriv, however, will have a
+> negligible performance impact (about three memory references per system
+> call). I _do_ believe that systrace and flowpriv should work together,
+> but i don't believe they should be consolidated.
Let me explain you something. "flowpriv" isn't a well known standard.
If you susspect that developers will rewrite their programms (and there
are many things for rewritting to use such mechanism) you're wrong.
This is my opinion.
That's why I've decide to create CerbNG - it is totally transparent
for applications and I think Niels Provos shares my opinion in systrace.
Pawel Jakub Dawidek pawel at dawidek.net
UNIX Systems Programmer/Administrator http://garage.freebsd.pl
Am I Evil? Yes, I Am! http://cerber.sourceforge.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 305 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20030821/4f95a812/attachment.bin
More information about the freebsd-hackers