At 20:19 Uhr + 13.05.2004, Liam Helmer wrote:
I think that you're honestly better off creating some kind of pipe or
socket where the commands come through, which has a list of functions
that it can provide. That way you can have a list, and see if there's a
match for what's sent. It'd really b
I think that you're honestly better off creating some kind of pipe or
socket where the commands come through, which has a list of functions
that it can provide. That way you can have a list, and see if there's a
match for what's sent. It'd really be quite hard to implement a SUID
type of arrangeme
* Gregory (Grisha) Trubetskoy ([EMAIL PROTECTED]) wrote:
>
> Has there been any discussion of having a feature whereby a binary would
> be executed with higher capabilities automatically?
This can be done with two ways. Normail setuid-root will elevate, and
then some LSM modules like SELinux and
> On Thu, May 13, 2004 at 11:01:10AM -0400, Gregory (Grisha) Trubetskoy
> wrote:
>>
>> Has there been any discussion of having a feature whereby a binary would
>> be executed with higher capabilities automatically?
>>
>> Something like having a config file of some sort in the main server that
>> li
On Thu, May 13, 2004 at 11:01:10AM -0400, Gregory (Grisha) Trubetskoy wrote:
>
> Has there been any discussion of having a feature whereby a binary would
> be executed with higher capabilities automatically?
>
> Something like having a config file of some sort in the main server that
> lists a bi
Has there been any discussion of having a feature whereby a binary would
be executed with higher capabilities automatically?
Something like having a config file of some sort in the main server that
lists a binary, its timestamp, size, an MD5/SHA hash and the capability.
Whenever this binary would
On Thu, 2004-05-13 at 01:18, Liam Helmer wrote:
> > On a side note, we are working on a php/ldap based vserver configuration
> > management tool, as the only tool I am aware of is still unavailable...
> >
> > If anyone is interested, I'd be willing to put it online somewhere...
> > Contact me off-
On Thu, 2004-05-13 at 01:17, Liam Helmer wrote:
> On Wed, 2004-05-12 at 17:31, Dennis Roos wrote:
> > Hi,
> > Here's the problem:
> > Users inside the vserver are unable to traceroute (ping works fine, due
> > to the CAP_NET_RAW)... traceroute complains about the (source)
> > interface, like so:
>
