Integrate fping into Solaris [PSARC/2008/160 FastTrack timeout 03/05/2008]
Gary Winiger
gww at eng.sun.com
Wed Mar 5 12:40:10 PST 2008
> > Security Impact:
> >
> > The original code base used a raw socket to communicate and
> > required root
> > access (geteuid() == 0). This has been modified to call
> > priv_ineffect(PRIV_NET_ICMPACCESS)
> > All uses of geteuid/getuid/seteuid have been compiled out.
>
> I'm not sure what is being said here. If the code is checking
> that it inherits net_icmpaccess, it shouldn't. It should just
> make the system calls. If they fail, give a diagnostic and exit.
>
> Gary..
> P.S. nit. The updated man page says net_rawaccess. Indeed the whole
> RESTRICTIONS section should read:
> Successful execution of this program requires that it be granted
> the net_icmpaccess privilege.
> Also add to
> SEE ALSO
> rbac(5), privileges(5)
At today's PSARC meeting, I asked for more time to deal with this
project's specification. IMO, the spec needs to be updated to
correct the nits and to add an fping entry to a Rights Profile.
I would suggest the Network Management Rights Profile. See
http://opensolaris.org/os/community/arc/bestpractices/rbac-profiles/
Adding commands to an existing Rights Profile on ON or
Adding a new Rights Profile to other gates, if not part of ON.
If the project team has questions, please contact me off line.
If privileges greater than "privs=net_icmpaccess" are required,
IMO they need to be justified as part of this case.
Gary..
More information about the opensolaris-arc
mailing list