In-kernel pfexec implementation. [PSARC/2009/377 FastTrack timeout 07/10/2009]
Casper.Dik at sun.com
Sun Jul 5 08:01:00 PDT 2009
>On Fri, Jul 03, 2009 at 02:08:07PM +0100, Darren J Moffat wrote:
>> >The pfexecd is started at boot through SMF as "svc:/system/pfexecd".
>>
>> I'm assuming here that pfexecd is running as root with all privileges ?
>> Or is it able to run with a reduced set (for example pfexecd shouldn't I
>> think need most of the current basic privs or file_write from the new
>> set in PSARC/2009/378). Though it feels to me like it should be running
>> with all privs because otherwise a lower privileged process is acting
>> as an authority to hand out privs it doesn't actually have.
>
>What's wrong with pfexecd dropping privs after registering its door with
>the kernel?

Because lesser privilege processes could subvert it.

Casper