Re: setuids() like setgroups() ?
Alexander Kjeldaas (astor@fast.no)
Fri, 16 Apr 1999 13:07:29 +0200
On Thu, Apr 15, 1999 at 09:06:31PM +0200, Miquel van Smoorenburg wrote:
> I wonder if it would be a good idea to introduce a setuids() call that
> behaves a bit like like setgroups(), in that it would be possible
> with setuid() to switch between the uids.
>
> That way, a multi-process server like apache would be able to switch
> between used-ids for different virtual hosts, yet it wouldn't have to
> keep running as root.
>
> For it to be useful for apache (with perhaps hundreds of virtual hosts)
> one should also be able to enter a range instead of a list of uids.
>
> Is there any OS that already implements something like this which we
> can model it after, or is there a way to tie this into the capability
> system (I can't see how), or is this a plain stupid idea :/
>
I've probably said this many times before, but passing being able to
pass an UID from one process to another using IPC is more flexible
than the above.
astor
--
Alexander Kjeldaas, Fast Search & Transfer, Trondheim, Norway
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/