In message <[EMAIL PROTECTED]> Peter Pentchev writes:
: Hmm.. I've also received two private mails so far, pointing me to setuid().
: The problem is, I want to force a new UID on *another* process without
: its knowledge. setuid() only works on the process invoking it, so
: both the 'force' and the 'without its knowledge' part fall by the wayside :(
I think the reaction to this by the security officer team would be
a) extreme
and b) negative.
The security implications are huge.
: The security implications I meant have to do with the ability to provide
: either a tool or a sysctl to change the uid of any running process
: on the system - that would have to include stringent controls on exactly
: who and why uses this tool/sysctl. I have some ideas about this,
: but they need some more grinding before they're ready to be tossed
: at the world for discussion (and dissing ;)
I'd make it a full syscall, not just a sysctl. I'd also make sure
that only root and no body else could use it.
Maybe I should back up a step and ask what it is you are trying to
accomplish here.
Warner
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
