
Re: unowned processes and who controls them (was: Re: passwd entry for uid -1



Oystein Viggen <oysteivi@tihlde.org> writes:

> Combined with some kind of capabilities support, this could prove quite
> a versatile (and did I mention cool ;) security feature for the hurd,
> though.

Capabilities seem easy enough. This is how...

Let's look at the ftpd example. You create a server/translator which,
when asked, tries to create a socket, bind it to port 20, and return
it. It could even take a hostname or IP address as argument and
connect before returning the socket, if that's desirable. Obviously
that server has to run with some extra privileges.

Now, you start the ftpd with something like

  rmauth /real/ftpd </your/capabilities/server

The ftpd server gets started with no userids. However, it inherits an
open fd associated with a port that lets it bind port 20.

Any capability could be implemented in a similar way. The "algebra"
described in the "Ode to the Granovetter Diagram" paper would apply.

There may be some better way to create and inherit the port than to
bind it to the stdin fd.

/nisse
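
Added example, not part of the original message: a POSIX analogue of the scheme above, in which a capability server binds a socket on request and returns it over an inherited channel, so the client never calls bind() itself. It assumes Unix descriptor passing (SCM_RIGHTS, Python 3.9+) as a stand-in for transferring a Hurd port, uses an ephemeral port instead of port 20 so it runs unprivileged, and the names `capability_server`, `request_bound_socket` and `demo` are hypothetical.

```python
import socket
import threading

def capability_server(chan, host="127.0.0.1", port=0):
    """Privileged side: for every request byte, try to bind and hand back the socket."""
    with chan:
        while chan.recv(1):                  # empty read means the client closed its end
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            try:
                s.bind((host, port))         # the only place bind() is ever called
                # SCM_RIGHTS: the kernel installs a duplicate descriptor in the receiver
                socket.send_fds(chan, [b"+"], [s.fileno()])
            except OSError:
                chan.sendall(b"-")           # refused: no descriptor attached
            finally:
                s.close()                    # the receiver keeps its own duplicate

def request_bound_socket(chan):
    """Unprivileged side: holds only `chan`, the channel to the server."""
    chan.sendall(b"?")
    status, fds, _flags, _addr = socket.recv_fds(chan, 1, 1)
    if status != b"+" or not fds:
        raise PermissionError("capability server refused to bind")
    return socket.socket(fileno=fds[0])      # family and type are read from the fd

def demo(port=0):
    """Run both sides in one process (constructed setup; really two processes,
    with the client end inherited by the unprivileged one, e.g. as stdin)."""
    client_end, server_end = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    server = threading.Thread(target=capability_server,
                              args=(server_end,), kwargs={"port": port})
    server.start()
    try:
        with request_bound_socket(client_end) as s:
            s.listen(1)                      # usable without any bind privilege
            return s.getsockname()
    finally:
        client_end.close()                   # lets the server loop terminate
        server.join()

if __name__ == "__main__":
    print("received a socket bound to", demo())
```

The client's authority is exactly the channel it inherited: closing that descriptor revokes its ability to obtain further sockets, while sockets already handed over stay valid.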


