Thanks Dave for the code example, seems like what I need.
On Aug 20, 2010, at 10:03 PM, Michael Smith wrote:
> On Aug 20, 2010, at 6:34 AM, Antoine Missout wrote:
>> We mean to allow, if the user wants to, to redirect questions about connections made by those processes to be redirected to the current logged-in (admin) user.
> This means you need to trust the agent quite a lot; you need to trust that it's presented the question and sent the correct reply, just for starters.
If a user breaks its own agent by playing with it, he might end up with unwanted rules only for himself.
If he's an admin, he might additionally create unwanted rules for network access of daemons. An admin can make any rule anyway.
A maliciously crafted answer won't affect the daemon.
On Aug 21, 2010, at 12:00 AM, James C wrote:
> Antoine, what's the connection between the user agent and the daemon?
> If it's TCP, have you considered ident (RFC 1413)? Else faking up
> something equivalent out of something like lsof?
The agent and daemon talks through mach rpc, allowing us to use ServerAuditToken with audit_token_to_au32 to verify credentials of the agent.
- Antoine _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden