> > Thanks. And you're aware that this still leaves dlmgmtd
> > vulnerable to attack. Running with uid 0 and no effective
> > or permitted privileges still means it has read access to
> > all root-owned files.
>
> Yes, and based on a discussion Cathy and I had yesterday, we think it

The point is to implement the principle of least privilege, not
to run with some state where the daemon can't function. I mentioned
it because just having no privileges doesn't always mean the
principle of least privilege is met.

> So, in short, is the use of uid 0 with minimal privileges for a
> non-networked daemon a gating issue? Or could a change (if possible)
> from uid 0 to the dladm user be done as part of a future case?

If that's what's needed, then that's what's needed ;-)
Gary..
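
An added example, not part of the thread: a small model of the ordinary owner/group/other file check, showing what a process with no privileges still reaches as uid 0 compared with a dedicated service account. The uid and gid numbers, paths and modes are constructed for illustration, and ACLs are ignored.

```python
from dataclasses import dataclass

R, W = 4, 2  # read / write bits within one rwx triplet


@dataclass(frozen=True)
class Entry:
    path: str
    uid: int
    gid: int
    mode: int


def dac_allows(e, uid, gids, want):
    """Plain UNIX owner/group/other check with no privilege override."""
    if uid == e.uid:
        bits = (e.mode >> 6) & 7
    elif e.gid in gids:
        bits = (e.mode >> 3) & 7
    else:
        bits = e.mode & 7
    return (bits & want) == want


def exposure(entries, uid, gids):
    """Map each path to the 'rw' access a privilege-less process gets."""
    return {e.path: ("r" if dac_allows(e, uid, gids, R) else "-")
                    + ("w" if dac_allows(e, uid, gids, W) else "-")
            for e in entries}


def lost_by_dropping_root(entries, svc_uid, svc_gids):
    """Paths reachable as uid 0 that the service account cannot touch."""
    as_root = exposure(entries, 0, {0})
    as_svc = exposure(entries, svc_uid, svc_gids)
    return sorted(p for p in as_root
                  if as_root[p] != "--" and as_svc[p] == "--")


# Constructed sample data: ids, paths and modes are illustrative only.
DLADM_UID, SYS_GID = 15, 3
SAMPLE = [
    Entry("/example/root-secret.key", 0, 0, 0o600),
    Entry("/example/root-readonly.db", 0, SYS_GID, 0o400),
    Entry("/example/datalink.conf", DLADM_UID, SYS_GID, 0o644),
    Entry("/example/public.txt", 0, 0, 0o644),
]

if __name__ == "__main__":
    print(exposure(SAMPLE, 0, {0}))
    print(lost_by_dropping_root(SAMPLE, DLADM_UID, {SYS_GID}))
```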