In the last episode (Aug 17), ari said:
> Currently, root is the only user that can actually drop significant
> privileges, as root is the only user that has access to such
> functions. This is flawed --- any user should be able to relinquish
> his privileges, and I've begun a patch to put this into effect.

Have you taken a look at Cerb?  http://cerber.sourceforge.net/

It does something similar, but uses a C-like language to control a
process's actions.  This lets you get extremely fine-grained control
(allow httpd to bind to only port 80, once), but the rules run as
"root", so they can grant as well as revoke privileges.  A useful
modification would be to allow users to submit their own policies that
can only disallow actions (i.e. all arguments and process variables are
read-only, and the script can either pass the syscall through or return
a failure code, nothing else).

-- 
        Dan Nelson
        [EMAIL PROTECTED]
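A constructed sketch of the deny-only hook described above, added here as an example and not code from the thread or from Cerb: the user policy gets a read-only view of the call and can only pass it through or return an errno, so it can tighten but never widen what the base (root) decision allows. The syscall numbers, struct layout and the "bind port 80 once" rule are all assumed for illustration.

```c
#include <errno.h>
#include <stdint.h>

/* Constructed model (not Cerb, not kernel code): a user-supplied policy sees
 * a read-only view of a syscall and may only return 0 (pass through) or an
 * errno value (fail). There is no path by which it can grant anything. */
enum { SYS_BIND = 1, SYS_CONNECT = 2 };

struct syscall_view {
    int      number;   /* which syscall is being made */
    uint16_t port;     /* decoded from the sockaddr argument, read-only */
};
typedef int (*user_policy_fn)(const struct syscall_view *v, void *state);
struct bind_state { int binds_done; };

/* Hypothetical rule from the message: bind() only to port 80, and only once. */
static int httpd_bind_rule(const struct syscall_view *v, void *state)
{
    struct bind_state *st = state;
    if (v->number != SYS_BIND)
        return 0;                /* not covered by this rule: pass through */
    if (v->port != 80 || st->binds_done > 0)
        return EACCES;           /* deny; the rule can never widen access */
    st->binds_done++;
    return 0;
}

/* Mediator: a base denial is final; the user policy may add denials only,
 * so the combined decision is never more permissive than the base one. */
static int mediate(int base_decision, const struct syscall_view *v,
                   user_policy_fn policy, void *state)
{
    return base_decision != 0 ? base_decision : policy(v, state);
}

/* Runs a fixed, constructed sequence and returns how many calls were denied. */
static int demo(void)
{
    struct bind_state st = {0};
    const struct syscall_view calls[] = {
        { SYS_BIND, 81 },      /* wrong port: denied */
        { SYS_BIND, 80 },      /* first port-80 bind: allowed */
        { SYS_BIND, 80 },      /* second bind: denied */
        { SYS_CONNECT, 443 },  /* unrelated call: passed through */
    };
    int denied = 0;
    for (int i = 0; i < 4; i++)
        denied += mediate(0, &calls[i], httpd_bind_rule, &st) != 0;
    return denied;
}
```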
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers