> >> 2.4 Privileges for dlmgmtd
> >>
> >>    The dlmgmtd daemon described in 2006/499 requires the following set of
> >>    privileges: file_dac_write, file_chown_self, sys_mount, and
> >>    sys_net_config.
> > 
> >     In looking at the materials (though I didn't read too carefully),
> >     I saw dlmgmtd described, but not anything to do with privilege.
> >     Is this saying it now will run with no special access rights?
> >     For example as user noaccess and either no or just basic privileges?
> > 
> > Gary..
> > 
> Hi Gary,
> 
> Sorry for not being clear. The dlmgmtd is still run by root, but once it
> starts, it drops all privileges and only keeps limited privileges.

        Thanks.  And you're aware that this still leaves dlmgmtd
        vulnerable to attack.  Running with uid 0 and no effective
        or permitted privileges still means it has read access to
        all root owned files.

Gary..
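
The point made in the last reply, modeled as an added example (not part of the original thread, and not dlmgmtd or Solaris code): a simplified owner/group/other read check, without ACLs or supplementary groups, comparing uid 0 holding the four listed privileges against a dedicated uid holding the same set. The file entries and the uid/gid 60002 used for noaccess are assumptions made for illustration.

```python
import stat
from dataclasses import dataclass

# Privilege set quoted in the thread for dlmgmtd.
KEPT = frozenset({"file_dac_write", "file_chown_self", "sys_mount", "sys_net_config"})

@dataclass(frozen=True)
class Proc:
    euid: int
    egid: int
    effective: frozenset

@dataclass(frozen=True)
class Entry:
    path: str
    uid: int
    gid: int
    mode: int

def can_read(proc: Proc, f: Entry) -> bool:
    """Simplified DAC read decision: no ACLs, no supplementary groups."""
    if "file_dac_read" in proc.effective:   # privilege override of the mode bits
        return True
    if proc.euid == f.uid:                  # owner class: the uid match alone decides
        return bool(f.mode & stat.S_IRUSR)
    if proc.egid == f.gid:
        return bool(f.mode & stat.S_IRGRP)
    return bool(f.mode & stat.S_IROTH)

def exposed(proc, files):
    """Paths the process can read that are not readable by everyone."""
    return [f.path for f in files if can_read(proc, f) and not f.mode & stat.S_IROTH]

# Constructed sample entries (paths, owners and modes are illustrative).
FILES = [
    Entry("/etc/shadow", 0, 3, 0o400),
    Entry("/etc/passwd", 0, 3, 0o644),
    Entry("/example/root-only.key", 0, 0, 0o600),
    Entry("/example/daemon.conf", 60002, 60002, 0o600),
]

AS_ROOT = Proc(euid=0, egid=0, effective=KEPT)
AS_ROOT_NO_PRIVS = Proc(euid=0, egid=0, effective=frozenset())
AS_NOACCESS = Proc(euid=60002, egid=60002, effective=KEPT)  # assumed uid/gid for noaccess

if __name__ == "__main__":
    for label, p in [("uid 0 + kept privileges", AS_ROOT),
                     ("uid 0, no privileges", AS_ROOT_NO_PRIVS),
                     ("noaccess + kept privileges", AS_NOACCESS)]:
        print(f"{label}: {exposed(p, FILES)}")
```

In this model the read exposure follows the uid, not the privilege set: emptying the set changes nothing for uid 0, while the same four privileges under a non-root uid leave the root-owned 0400 and 0600 entries unreadable.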
