Contributed by jose on from the elevation-and-declination dept.
"Yep, thats right, systrace can now be used for selectable priv escalation. Furthermore, on the setuid root front, login was changed to remove its need for setuid bit.Changes by: itojun@cvs.openbsd.org 2002/10/16 09:01:08 Modified files: sys/dev : systrace.c systrace.h bin/systrace : Makefile filter.c intercept.c intercept.h lex.l openbsd-syscalls.c parse.y systrace.1 systrace.c systrace.h Log message: support for privilege elevation. with privilege elevation no suid or sgid binaries are necessary any longer. Applications can be executed completely unprivileged. Systrace raises the privileges for a single system call depending on the configured policy. Idea from discussions with Perry Metzger, Dug Song and Marcus Watts. from provos"
3.2 has some serious setuid audits going on!
(Comments are closed)
By Anonymous Coward () on
By Anonymous Coward () on
I know, it's designed to be easy to create new policies - and that's true. But policies generated on one's own as a clueless (default?) user are not all that likely to be too worthwhile, whether due to permitting too much uncategorically, or due to non-optimized rule ordering which can have a performance impact -especially if you start to systrace a LOT of applications, as would be the case if one tried to remove the suid+sgid bits from everything.
To sum up - I really think there should really be a resource to pool a large repository of quality rulesets that could fill /etc/systrace. Ideally, the best could be chosen and tossed into the default install. Ideally too, such policies would run with standard usage of said applications (e.g. zone xferring ability for the named systrace policy).
What ever became of the deadly post a while back for the person trying to get a systrace collection going?
By Anonymous Coward () on
By Anonymous Coward () on