bug-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: um-ppp installation


From: Philippe Brochard
Subject: Re: um-ppp installation
Date: Fri, 23 Nov 2001 10:28:29 +0100 (CET)

On 22-Nov-2001 Niels Möller wrote:
> philippe brochard <phil.brochard@free.fr> writes:
> 
>> but I think it's a good thing if we can run it with an unprivileged user.
> 
> I'm not sure if there's any sensible way to delegate control over just
> some parts of the networking (e.g different network interfaces), but
> until someone comes up with a good model for that, it should be
> possible to delegate control over all networkish things by changing
> the owner of /servers/socket/2, and adding that uid to users or
> processes you want to be able to control the networking.
> 
> Some questions (which is why I'm adding bug-hurd to the recipients):
> 
> 1. Has anybody thought about partial delegation of networking? Does
>    that make sense at all?
> 
> 2. Is the group of /servers/socket/2 relevant, or should it be? To me, it
>    seems cleaner to add network admins to a special group than using a
>    special network-admin uid.
> 
> 3. Is there a reasonable way to give a user additional uid:s
>    automatically at login?
> 
> (On second thought, you probably have to change the owner and
>  permission on some other nodes as well, to make sure that pfinet gets
>  access to ethernet hardware and stuff. And then one should probably
>  think a little about what a "privileged (< 1024) port means when
>  pfinet doesn't run as root. This seems a little harier than I'd
>  like).
> 
> Regards,
> /Niels

I think just that I don't want to become root to start ppp,
but all the users don't have to start ppp, maybe just some
on a specific group.

Regards,

-- 
Philippe Brochard <hocwp@free.fr>
http://hocwp.free.fr


reply via email to

[Prev in Thread] Current Thread [Next in Thread]