From: Roland McGrath
Subject: setuid root programs in hurd dist
Date: Wed, 5 Jun 2002 17:28:50 -0400 (EDT)

They are:

login   -- Falls back to unix-style if password server is not there.
           If we can presume the password server works, then we can
           clear the setuid bit here.  (We could also remove the old code,
           or leave it there for only root to be able to use w/o server.)
ids     -- Does pid2task to query arbitrary processes' auth ports.
           Seems like a questionable need.  If that info should be public,
           we could just have the proc server publish the id lists it got
           in its auth transactions (which it doesn't save now).
ps      -- Needs task ports to query some kinds of info.
w       -- I'm not sure that it really needs it.
vmstat  -- Needs host priv port to talk to default pager.
           One Day this will be different when we have a Hurdish default
           pager that is accessible via /servers.
vminfo  -- Lets you show AS of any process.  Seems like it should not be suid.
ping    -- Just like Unix, needs root for raw sockets.
           Eventually it might be good to use a separate UID for pfinet
           that has access to net devices and no other root privs.
           Then ping and the like could be setuid that UID instead.
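
An added example, not part of the original message or the Hurd sources: a POSIX shell audit that checks a directory tree against the seven names listed above. It reports setuid files on the list, setuid files the list does not account for, and listed programs whose setuid bit has been cleared. The `SUID_OWNER` variable, the function name and the output labels are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a directory tree against the setuid list in the message.
# The seven names come from the message; everything else is an assumption.
HURD_SUID_LIST="login ids ps w vmstat vminfo ping"

# audit_suid DIR...
#   SUID_OWNER (default: root) selects whose setuid files are reported.
# Output, one line per finding:
#   listed PATH    setuid file whose name is on the list
#   unlisted PATH  setuid file the list does not account for
#   cleared PATH   listed name present but without the setuid bit
audit_suid() {
    owner=${SUID_OWNER:-root}
    # Pass 1: every setuid regular file owned by $owner, classified by name.
    find "$@" -xdev -type f -user "$owner" -perm -4000 -print 2>/dev/null |
    sort |
    while IFS= read -r path; do
        case " $HURD_SUID_LIST " in
            *" ${path##*/} "*) printf 'listed %s\n' "$path" ;;
            *)                 printf 'unlisted %s\n' "$path" ;;
        esac
    done
    # Pass 2: listed names that exist but no longer carry the setuid bit.
    for name in $HURD_SUID_LIST; do
        find "$@" -xdev -type f -name "$name" ! -perm -4000 -print 2>/dev/null
    done | sort |
    while IFS= read -r path; do
        printf 'cleared %s\n' "$path"
    done
}

# Run the audit only when directories are given on the command line.
if [ "$#" -gt 0 ]; then
    audit_suid "$@"
fi
```

An `unlisted` line is the one to investigate first: it is a setuid file that the inventory in the message does not cover.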

