Status of innbind and Solaris
hakehoe at avalon.net
Wed May 19 15:49:33 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
On May 19, 2004, at 1:49, Russ Allbery wrote:
> I didn't quite get this finished tonight, but I'm close. A bit more
> on it tomorrow should finish it off.
> The problem, as those who have tried to run CURRENT on Solaris know, is
> that the neat hack of creating a socket and then running a setuid root
> helper program to bind the socket only works on operating systems that
> actually implement native Berkeley sockets. On streams-based systems
> Solaris, somehow the privileges of the creator of the socket attach to
> rather than the privileges of the person running bind, and the
> can't bind even though it has an effective UID of root.
Streams systems have an ioctl of I_SENDFD and I_RECVFD for passing a
descriptor between processes over a stream pipe. The setuid helper
create the socket, bind it, then send the file descriptor of the socket
innd using I_SENDFD. I've used fd passing once before somewhere, I'll
if I can find that code. This would be a simpler approach, I_SENDFD
detected with a configure test.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
-----END PGP SIGNATURE-----
More information about the inn-workers