This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.



Re: Proposal for PR 13128


Hi, Dave -

> With regard to http://sourceware.org/bugzilla/show_bug.cgi?id=13128

Thanks for posting your ideas.

> [...]
> --unprivileged[=stapusr|stapdev]

Or a new option --privilege=stapdev|stapkern|stapusr, with
--unprivileged equivalent to --privilege=stapusr.  "stapkern" is the
least bad of my ideas as to what to call this intermediate level.


> We can use the same mechanism up to step 3 for the new privilege
> level. At step 4, staprun will still verify the module's signature,
> however staprun now also needs to know for which privilege level the
> module was approved. [...]

Actually, it doesn't.  Since it's signed, staprun can trust the module
to do the verification itself.  It could just pass bit-flags as to the
invoking user's stapdev|stapkern|stapusr group memberships, and let
the module itself assess eligibility to run.

- FChE
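
An added sketch of the division of labour proposed in the reply above (not SystemTap code and not written by either poster): the loader only reports the invoking user's group memberships as bit-flags, and the signed module compares them with the level it was approved for. The flag values, the function names, and the assumption that membership in a more privileged group also permits lower-level modules are all hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Hypothetical flag bits, one per group name used in the thread. */
enum { PRIV_STAPUSR = 1u << 0, PRIV_STAPKERN = 1u << 1, PRIV_STAPDEV = 1u << 2 };

/* Loader side (staprun's role in the proposal): turn group names into
 * flag bits. It reports facts only and makes no policy decision. */
unsigned groups_to_flags(const char *const *groups, size_t n)
{
    static const struct { const char *name; unsigned bit; } map[] = {
        { "stapusr", PRIV_STAPUSR },
        { "stapkern", PRIV_STAPKERN },
        { "stapdev", PRIV_STAPDEV },
    };
    unsigned flags = 0;
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; j < sizeof map / sizeof map[0]; j++)
            if (strcmp(groups[i], map[j].name) == 0)
                flags |= map[j].bit;
    return flags;
}

/* Module side: the level is fixed when the module is built and signed, so
 * this check is only meaningful after the signature has been verified.
 * Assumption: a more privileged group may also run lower-level modules. */
int module_may_run(unsigned required_level, unsigned user_flags)
{
    unsigned acceptable;
    switch (required_level) {
    case PRIV_STAPUSR:  acceptable = PRIV_STAPUSR | PRIV_STAPKERN | PRIV_STAPDEV; break;
    case PRIV_STAPKERN: acceptable = PRIV_STAPKERN | PRIV_STAPDEV; break;
    case PRIV_STAPDEV:  acceptable = PRIV_STAPDEV; break;
    default:            return 0;   /* unknown level: fail closed */
    }
    return (user_flags & acceptable) != 0;
}

int main(void)
{
    /* Constructed sample: a user in "users" and "stapkern" only. */
    const char *groups[] = { "users", "stapkern" };
    unsigned flags = groups_to_flags(groups, 2);
    printf("flags=0x%x usr=%d kern=%d dev=%d\n", flags,
           module_may_run(PRIV_STAPUSR, flags),
           module_may_run(PRIV_STAPKERN, flags),
           module_may_run(PRIV_STAPDEV, flags));
    return 0;
}
```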

