Re: setuid for priv sockets?
Re: setuid for priv sockets?
- Subject: Re: setuid for priv sockets?
- From: Damien Sorresso <email@hidden>
- Date: Mon, 27 Oct 2008 11:19:47 -0700
On Oct 27, 2008, at 11:11 AM, Brad Parker wrote:
If I have a app which wants to open a "privileged" socket (AF_NDRV)
for
direct ethernet access,
Is the right thing to make the app setuid root and do seteuid()?
This is (currently) a command line application. I suspect I should
ultimately add a UI and have it pop up a window asking for
authentication... (but I'm trying to avoid a UI for now)
Brad,
We're strongly (and I do mean strongly) trying to move people off of
setuid binaries. If it's a command line application, you can just
require that the user run it as root or with sudo if performing
actions that require access to this privileged port.
--
Damien Sorresso
BSD Engineering
Apple Inc.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden