Gilad Ben-Yossef wrote:

> Prepare a small library that intercepts calls to the library socket()
> and bind() calls and if, according to the parameters, the socket/bind
> is for the low port socket, instead of calling the actual bind/socket
> of the library, will simply return the appropriate saved file
> descriptor. For an example of how to do this see:
> http://www.codefidence.com/src/bindtodevice.c

The major flaw with this approach is that it will only work if you:

1. Know, in advance, how many sockets the application opens, and
2. Can recognize the right socket at the time of the "socket" call.
One can try and generalize this by not catching "socket" at all, only catching "bind", and then doing "dup2" to rename the pre-bound socket to the right fd. This still runs the risk that the application did an ioctl of one kind or another on the socket between "socket" and "bind", which will now be lost (which my original approach, admittedly even crazier than this one, solved by duping the actual application socket).

To summarize the non-kernel-based solutions (i.e. assuming neither capabilities nor SELinux offer a solution):

1. My solution - Trace (actually, LD_PRELOAD will probably be easier) the application, set up a euid=0 runner that listens on a shared Unix domain socket. When the application tries to "bind", pass the fd to the listening program and let it do the binding.
   Downsides: it's crazy. It requires a euid 0 program around for the entire duration of the daughter program running (potential security risk through the socket).

2. Didi's solution - authbind. It uses a SUID helper program and global configuration files to check whether it's ok to bind the port.
   Downsides: ANOTHER SUID program on the system. The security person in me cringes at the way the permissions are synchronized with the program running.

3. Gilad's solution - trace the relevant calls, connect the received socket to a pre-bound socket. The only solution where no root programs are run during the program's execution.
   Downside: need to be able to predict what the program will be doing.

Shachar

--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
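The generalized variant described above (catch only bind(), dup2() the pre-bound socket over the application's fd), as an added example that is not code from this thread or from the bindtodevice.c link. It assumes a hypothetical launcher that pre-binds the privileged port and hands the descriptor number to the child in an environment variable named PREBOUND_FD (an assumed name); the self-test stands a kernel-chosen loopback port in for the privileged one so it runs without root, and it also shows the caveat that options set on the original socket are lost.

```c
#define _GNU_SOURCE               /* for RTLD_NEXT in the preload branch */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <unistd.h>
#define PRIV_PORT_LIMIT 1024      /* binding below this needs root / CAP_NET_BIND_SERVICE */
/* Port (host order) of an AF_INET/AF_INET6 address, -1 for any other family. */
static int addr_port(const struct sockaddr *addr, socklen_t len) {
    if (addr->sa_family == AF_INET && len >= sizeof(struct sockaddr_in))
        return ntohs(((const struct sockaddr_in *)addr)->sin_port);
    if (addr->sa_family == AF_INET6 && len >= sizeof(struct sockaddr_in6))
        return ntohs(((const struct sockaddr_in6 *)addr)->sin6_port);
    return -1;
}
/* 1: satisfied by dup2()ing the pre-bound socket over sockfd (any option the app set on
 * sockfd beforehand is lost); 0: not a low-port bind, hand it to the real bind(); -1: dup2 failed. */
int redirect_low_port_bind(int sockfd, const struct sockaddr *addr, socklen_t len, int prebound_fd) {
    int port = addr_port(addr, len);
    if (port < 0 || port >= PRIV_PORT_LIMIT || prebound_fd < 0)
        return 0;
    return dup2(prebound_fd, sockfd) < 0 ? -1 : 1;
}
#ifdef BUILD_AS_PRELOAD
#include <dlfcn.h>
/* Interposed bind(). Build: cc -shared -fPIC -DBUILD_AS_PRELOAD -o shim.so shim.c ; the launcher
 * that already bound the port exports PREBOUND_FD=<fd> (assumed name) and sets LD_PRELOAD=./shim.so */
int bind(int sockfd, const struct sockaddr *addr, socklen_t len) {
    static int (*real_bind)(int, const struct sockaddr *, socklen_t);
    if (!real_bind) real_bind = dlsym(RTLD_NEXT, "bind");
    const char *env = getenv("PREBOUND_FD");
    int r = redirect_low_port_bind(sockfd, addr, len, env ? atoi(env) : -1);
    return r == 0 ? real_bind(sockfd, addr, len) : (r == 1 ? 0 : -1);
}
#endif
/* Rootless self-test: a loopback socket on a kernel-chosen high port stands in for the
 * pre-bound privileged socket. Returns that port on success, a negative code on failure. */
int demo_bound_port(void) {
    struct sockaddr_in a = { .sin_family = AF_INET, .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    socklen_t n = sizeof a;
    int pre = socket(AF_INET, SOCK_STREAM, 0), app = socket(AF_INET, SOCK_STREAM, 0);
    if (pre < 0 || app < 0 || bind(pre, (struct sockaddr *)&a, n) < 0) return -1;
    getsockname(pre, (struct sockaddr *)&a, &n); int want = ntohs(a.sin_port); /* chosen port */
    a.sin_port = htons(8080);   /* high port: must fall through to the real bind() */
    if (redirect_low_port_bind(app, (struct sockaddr *)&a, n, pre) != 0) return -2;
    a.sin_port = htons(80);     /* low port: app's fd is replaced by the pre-bound socket */
    if (redirect_low_port_bind(app, (struct sockaddr *)&a, n, pre) != 1) return -3;
    getsockname(app, (struct sockaddr *)&a, &n);
    close(pre); close(app); return ntohs(a.sin_port) == want ? want : -4;
}
```

After the redirect, the application's descriptor refers to the socket the launcher bound, so its later listen()/accept() work on the privileged port while no root process stays around.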