In-kernel pfexec implementation. [PSARC/2009/377 FastTrack timeout 07/10/2009]
Joerg Schilling
Joerg.Schilling at fokus.fraunhofer.de
Tue Jul 7 09:12:50 PDT 2009
Casper Dik <casper at sac.sfbay.sun.com> wrote:
>
> Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
> This information is Copyright 2009 Sun Microsystems
> 1. Introduction
> 1.1. Project/Component Working Name:
> In-kernel pfexec implementation.
> 1.2. Name of Document Author/Supplier:
> Author: Casper Dik
> 1.3 Date of This Document:
> 03 July, 2009
> 4. Technical Description
> I'm sponsoring this fasttrack for myself.
>
> This project proposes an in-kernel implementation of the
> pfexec(1) command.
>
> Release binding: minor.
>
> The implementation of pfexec(1) is changed such that it
> adds the PRIV_PFEXEC credential flag and then executes
> the program. The execve() system call will notice the
> PRIV_PFEXEC flag and it will ask the pfexecd daemon
> whether the file can be executed and which changes to the
> credential are required.
Does this mean that the need for the existence of the /usr/bin/pfexec program
will remain? OK, from reading below this seems to be true.
... or will there be a file system attribute that allows to create spfexec
executable file behavior?
> The pfexecd is started at boot through SMF as "svc:/system/pfexecd".
>
> Implementing pfexec in the kernel delivers the following advantages:
>
>
> - pfshells come at no charge; this project will deliver
> the following pf*sh*:
> pfbash pfcsh pfksh pfksh93 pfsh pftcsh pfzsh
>
> A pf*sh* starts, sets the PRIV_PFEXEC flag and executes
> the shell. Code which supports profile shells in current
> shells will be removed.
You mean the code that shifts the arg vector and that prepends /usr/bin/pfexec?
> /usr/bin/pfcsh [ options ] [ argument ]...
>
> + /usr/bin/pftcsh [ options ] [ argument ]...
> +
> /usr/bin/pfksh [ options ] [ argument ]...
>
> + /usr/bin/pfksh93 [ options ] [ argument ]...
> +
> + /usr/bin/pfbash [ options ] [ argument ]...
> +
> + /usr/bin/pfzsh [ options ] [ argument ]...
> +
Will there be the possibility to turn this feature on/off while the shell
is running, like I did implement in "bsh" and "sh" in
ftp://ftp.berlios.de/pub/schily/

    set -P          # Turn on profile mode
    set +P          # Turn off profile mode
    set -o profile  # Turn on profile mode
    set +o profile  # Turn off profile mode
Jörg
--
EMail:joerg at schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
js at cs.tu-berlin.de (uni)
joerg.schilling at fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily