Peter Williams <[EMAIL PROTECTED]> writes: >>> If you have the source code for the programs then they could be >>> modified to drop the root euid after they've changed policy. Or >>> even do the
> Paul Davis wrote: >> This is insufficient, since they need to be able to drop RT >> scheduling and then reacquire it again later. > I believe that there are mechanisms that allow this. The setuid man > page states that a process with non root real uid but setuid as root > can use the seteuid call to use the _POSIX_SAVED_IDS mechanism to > drop and regain root privileges as required. Which every system cracker knows. Any attack on such a program is going to re-acquire root privileges and take over the system. Temporarily dropping privileges gains no security whatsoever. It is nothing more than a coding convenience. The program remains *inside* the system security perimeter. -- joq - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/