[RFC] last(1) with security.bsd.see_other_uids support
Pawel Jakub Dawidek
pjd at FreeBSD.org
Wed Jun 6 11:22:07 UTC 2012
On Tue, Jun 05, 2012 at 11:31:01PM +0200, Jilles Tjoelker wrote:
> Also, the attack surface of such a daemon may be smaller than that of a
> setuid/setgid program.
Really? I don't see that. With current patch and setgid to utmp the
process can only read some files that don't even contain very sensitive
data (like passwords).
Any privileged daemon is much bigger threat. Also, do we really want a
daemon running all the time just to be able to parse utx files?
> Alternatively, the daemon could be a setgid program that is spawned by
> the utmpx APIs when needed.
Still seems a bit too far for my taste. Spawning a daemon somewhere from
within library doesn't sound like a good idea to me... At least until we
have something like launchd that can start such services on demand.
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://tupytaj.pl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20120606/a9183ba6/attachment.pgp
More information about the freebsd-hackers
mailing list