| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20100319.145336.226782717.davem@davemloft.net> Date: Fri, 19 Mar 2010 14:53:36 -0700 (PDT) From: David Miller <davem@...emloft.net> To: andi@...stfloor.org Cc: cl@...ux-foundation.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: Add PGM protocol support to the IP stack From: Andi Kleen <andi@...stfloor.org> Date: Fri, 19 Mar 2010 18:18:36 +0100 > Christoph Lameter <cl@...ux-foundation.org> writes: >> >> I know about the openpgm implementation. Openpbm does this at the user >> level and requires linking to a library. It is essentially a communication >> protocol done in user space. It has privilege issues because it has to >> create PGM packets via a raw socket. > > That seems like a poor reason alone to put something into the kernel > Perhaps you rather need some way to have unpriviledged raw sockets? > > The classical way to do this is to start suid root, only open > the socket and then drop privileges. I completely agree. We should be able to make a way for unprivileged users to use RAW sockets in some limited capacity, for cases like this. But I also don't consider what openpbm has to do right now to be all that much of a restriction. You need privileges to add the protocol to the kernel, you need privileges to run the userspace variant, there is no real difference. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists