Hello Anthony,
Your CONFIG_PORT_ACLS functionality may easily be implemented in user-space
via file descriptor passing over UNIX domain sockets.
I have some dirty code doing it, and will post it in a few days.
Best regards
Andrey V.
Savochkin
On Tue, Jun 20, 2000 at 03:09:25AM -0700, Anthony D. Urso wrote:
> Attached is a patch for 2.3.99-pre9 that may be ready for prime-time. If
> not, please let me know why.
>
> I doubt it's the first of its kind, but I don't know of any others.
>
> In summary, it allows root to delegate permissions to do rootly networking
> things to unprivileged users in order to prevent potential security
> problems inherent in having applications running as root or setuid root.
>
> I think it's useful even in combination with the similar capabilities...
>
> Thanks in advance for any feedback,
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Jun 23 2000 - 21:00:19 EST