>On Fri, Jul 03, 2009 at 02:08:07PM +0100, Darren J Moffat wrote:
>> >The pfexecd is started at boot through SMF as "svc:/system/pfexecd".
>> 
>> I'm assuming here that pfexecd is running as root with all privileges ?
>> Or is it able to run with a reduced set (for example pfexecd shouldn't I 
>> think need most of the current basic privs or file_write from the new 
>> set in PSARC/2009/378).  Though it feels to me like it should be running 
>> with all privs because other wise a lower privileged process is acting 
>> as an authority to hand out privs it doesn't actually have.
>
>What's wrong with pfexecd dropping privs after registering its door with
>the kernel?

Because lesser privilege processes could subvert it.

Casper


Reply via email to