[Openswan dev] user control of conns

Ludwig Nussel ludwig.nussel at suse.de
Thu Dec 9 17:20:09 CET 2004


mcr at xelerance.com wrote:
> >>>>> "Ludwig" == Ludwig Nussel <ludwig.nussel at suse.de> writes:
>     >> It was my intention to make this program setuid root, such that
>     >> it could talk to the whack socket.
>     >> 
>     >> On the other hand, making the whack socket have group permissions
>     >> permits the executable either to be setgid() instead, or for the
>     >> user to actually be a member of a "pluto" (or "ipsec" ??) group.
>     >> 
>     >> What do you think?
> 
>     Ludwig> Use neither setuid nor setgid, make the socket accessible by
>     Ludwig> everyone instead. It's a unix domain socket so pluto can
>     Ludwig> check who is connecting and reject unauthorized users. The
>     Ludwig> messages coming from non-root users cannot be trusted then
>     Ludwig> though.
> 
>   That's a good suggestion.
> 
>   Do you think that the socket should have a specific group as well,
> just to make it more clear what is going on?

Well, the admin can do that himself if he wants to.

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\   SUSE LINUX Products GmbH, Development
 V_/_  http://www.suse.de/


More information about the Dev mailing list