[ITP] libsuexec 1.0
Achim Gratz
Stromeko@nexgo.de
Thu Aug 21 04:54:00 GMT 2014
D. Boland writes:
>> I still think you should name it differently. Marco has already mixed
>> it up with Apache suexec…
>
> The idea kind of was to mix it up, so people will know what it does.
Apache suexec is concerned with running new processes as a different
user, so both the "su" and the "exec" part of the name make sense.
Your library is concerned with inserting itself into certain calls to
swap uid/gid so programs expecting a fixed mapping of some uid/gid to
certain capabilities (roughly associated with the concept of a root
user) work without the actual source getting patched on a system where
those assumptions aren't true. Looks like different thing to me and
giving it a different name surely wouldn't hurt.
> I noticed that you and other people already declare the user switching
> technique half dead. It's a brilliant idea, you know. Because of its
> simplicity.
I did nothing of that sort. I said that the assumptions some of those
programs make aren't true on many systems and have not been for a long
time.
> It's even patented. By referring to the Apache executable
> I give the technique the glory and attention it deserves.
Attaching to unrelated projects' names for glory is a surefire way to
rile those projects up and sow confusion among users on both sides.
> So most people are thinking 'Capabilities' nowadays... Sigh. This will
> only steer admins away from finding out how user switching works and
> applying it. Instead they will just run entire server processes as
> admin-users.
Again, running applications with the least privileges needed for a given
task is a tried and valid concept. SWitching uid/gid to achieve that is
an implementation detail that is not relevant to all systems. Give
SELinux a spin and then come back to me.
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
DIY Stuff:
http://Synth.Stromeko.net/DIY.html
More information about the Cygwin-apps
mailing list