> Just various non-obvious functions in libc(). (Do you think most programmers
> realize wordexp(), pututxline() or grantpt() call fork+exec?)

This is a reasonable characterization of what happens if you lose the fork and exec privs - a few things break, some of which are obvious (i.e., fork() no longer works) and some less so. Somewhere there is a list of things in the system that fail if you don't have those privs AND there is nothing on that list that causes angst.

Is there a similar list of OpenSolaris-provided lib routines that will fail if you don't have network privs? Is there anything on that list that comes as a surprise? Without a list (which doesn't need to be exhaustive, just typical), how can we evaluate the usefulness/impact of this priv?

At an extreme, if lose_priv("networking") is effectively equivalent to halt() because nothing in the system works without it, then I'd question the usefulness of this priv. I don't believe things are that ridiculously extreme, but the discussions about loopback and IF_UNIX make me wonder what the real, effective impact is. What system lib routines will now fail unexpectedly without network privs in the same way that wordexp() fails without fork()/exec() privs?

The bottom line, to me, is: If I need to disable networking privs in my app, but doing so disables other OpenSolaris things that I can't live without as a side effect, then the networking priv isn't as useful as it could be.

-John