[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: nosuid in fstab

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: nosuid in fstab
From: "Anthony Roberts" <anthonyrcalgary_(_at_)_hotmail_(_dot_)_com>
Date: Wed, 26 May 2004 14:33:38 -0600

So would you do that with setuid, or an entry for pfctl
in sudoers(5), or something completely different?


Well first of all authpf solves a problem you don't necessarily
have... you could maintain your own database of usernames
and passwords that have nothing to do with users on the
OpenBSD machine. Then your web interface can pass stuff
to a daemon or cron job (or whatever) that is root. There's
a ton of ways of doing this. You still have to be careful with
the messages, as there's the potential for exploits with them,
but it's possible to design an inherently safe message format
and then check it heavily in the one place you read it.

_________________________________________________________________
http://join.msn.com/?pgmarket=en-ca&page=byoa/prem&xAPID=1994&DI=1034&SU=http://hotmail.com/enca&HL=Market_MSNIS_Taglines

Prev by Date: Re: nosuid in fstab
Next by Date: Re: Can ifstetd sense carp interfaces status?
Previous by thread: Re: nosuid in fstab
Next by thread: Re: Can ifstetd sense carp interfaces status?
Index(es):
- Date
- Thread

Visit your host, monkey.org