[future patch] dropping user privileges on demand
ari
edelkind-freebsd-hackers at episec.com
Sun Aug 17 11:14:38 PDT 2003
Currently, root is the only user that can actually drop significant
privileges, as root is the only user that has access to such functions.
This is flawed --- any user should be able to relinquish his privileges,
and i've begun a patch to put this into effect.
However, the fact that this is a security-related kernel feature
modification warrants peer-review, in both design and implementation.
It would be unwise of me to create the patch without consulting such.
The web page that discusses the patch may be found at:
http://www.episec.com/people/edelkind/patches/kernel/flowpriv/
I welcome any discussion and criticism.
ari
More information about the freebsd-hackers
mailing list