On Thu, Jun 01, 2006 at 09:52:56AM +0100, Darren J Moffat wrote:
> Nicolas Williams wrote:
> >A note:
> >
> > Much Solaris functionality depends on IPC being available,
> > particularly doors IPC, so any new basic privileges whose absence
> > from E might break things should be considered one of the "unsafe"
> > privileges (unsafe to not have in L, but in this case not safe to not
> > have in E).
> >
> >A question:
> >
> > What applications would drop these basic privileges?
>
> any application that should never do any networking, believe it or not
^^^^^
> there are some :-) We even have some customers who have understood
> basic privileges well enough to request this!
Strong word, that.
I think applications like ssh-agent qualify (ssh-agent only after it's
setup its local IPC listener). But it helps that you can be reasonably
certain that no library paths will be doing networking.
If there's enough libraries in the mix we'll run the risk of breaking
apps that drop these privileges in the future.
Nico
--
