[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: um-ppp installation

On 22-Nov-2001 Niels Möller wrote:
> philippe brochard <phil.brochard@free.fr> writes:
>> but I think it's a good thing if we can run it with an unprivileged user.
> I'm not sure if there's any sensible way to delegate control over just
> some parts of the networking (e.g different network interfaces), but
> until someone comes up with a good model for that, it should be
> possible to delegate control over all networkish things by changing
> the owner of /servers/socket/2, and adding that uid to users or
> processes you want to be able to control the networking.
> Some questions (which is why I'm adding bug-hurd to the recipients):
> 1. Has anybody thought about partial delegation of networking? Does
>    that make sense at all?
> 2. Is the group of /servers/socket/2 relevant, or should it be? To me, it
>    seems cleaner to add network admins to a special group than using a
>    special network-admin uid.
> 3. Is there a reasonable way to give a user additional uid:s
>    automatically at login?
> (On second thought, you probably have to change the owner and
>  permission on some other nodes as well, to make sure that pfinet gets
>  access to ethernet hardware and stuff. And then one should probably
>  think a little about what a "privileged (< 1024) port means when
>  pfinet doesn't run as root. This seems a little harier than I'd
>  like).
> Regards,
> /Niels

I think just that I don't want to become root to start ppp,
but all the users don't have to start ppp, maybe just some
on a specific group.


Philippe Brochard <hocwp@free.fr>

Reply to: