Re: socket-based activation has unmaintainable security?

[Ian Jackson <ijackson@chiark.greenend.org.uk>]

Russ Allbery writes ("Re: socket-based activation has unmaintainable security?"):
> For INN, quite some time ago, I wrote a setuid helper program that did
> nothing but bind the port for its parent process.  I know there are a few
> other implementations of the same idea (I think Ian Jackson has a generic
> one that's packaged in Debian).

Yes, it's called "authbind" and it does seem to be that at least some
people use it as I occasionally get bug reports.

> It's not completely trivial, since you have to use two different
> techniques depending on whether the OS uses BSD-style sockets or
> STREAMS-style sockets (in BSD-style sockets you can bind in the child and
> the parent sees the results, but with STREAMS-style sockets you pass the
> file descriptor back to the parent),

Seriously ?  Wow.  authbind doesn't support that nonsense semantic
which you say STREAMS-based systems have.

Ian.