On 03/02/09 17:24, James Carlson wrote: > Girish M G writes: > >> In the case of 'libipadm' model, there will be user called 'ipadm' who >> owns the 'datastore'. Read/Write to this data store will be done through >> 'libipadm' after donning that role. >> > > How does that happen? Libraries themselves don't have the ability to > run setuid. >
Agreed. We need to provide 'file_dac_write' privilege to 'ipadm' command along with 'sys_ip_config and proc_audit'. So in /etc/security/exec_attr we should have a line like this for 'ipadm' Network Management:solaris:cmd:::/sbin/ipadm:euid=ipadm;egid=sys; privs=sys_ip_config,proc_audit,file_dac_write. This should allow 'write' access to the db store 'ipadm.conf (owned by user ipadm)', from within the library, irrespective of any user with right authorization executing 'ipadm'. Further whoever links to libipadm.so.1 library should provide this privilege for that utility or daemon. With regard to where should we check the 'authorization'? I believe (just my thinking) doing that in the library would be nice. We know the exact 'feature set' of library and what exact authorization is required for each operation. Before performing the operation check for the authorization and accordingly return 'Success' or 'Failure'. ~Girish -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.opensolaris.org/pipermail/brussels-dev/attachments/20090303/421f0ad8/attachment.html>
