[Olsr-dev] including wifi stats in jsoninfo

Ferry Huberts (spam-protected)
Sat Jun 9 22:21:17 CEST 2012



On 09-06-12 21:23, Henning Rogge wrote:
> On Sat, Jun 9, 2012 at 7:19 PM, Hans-Christoph Steiner
> <(spam-protected)>  wrote:
>> It is entirely clear to me that olsrd currently runs as a single process with root privileges.  I was describing how I think olsrd should work, now how it does work.  Having a single process running as root is bad form when this process only needs root access for very few things.  Separating things based on what privileges are needed is what sshd does, for example, and many other daemons.
>>
>> It would be nice to even use a non-privileged port, so that root is only ever needed for accessing the routing tables.  Then for changing the routing table, there would be a tiny chunk of code running as root with a very simple, limited protocol.  Then everything else including plugins would run as a very unprivileged user.
>
> I wonder if we can do better in the new framework. OLSRd use a
> permanent rtnetlink socket to set the routing tables, does someone
> know if the capabilities of the process are checked for each netlink
> command or just when the socket is opened?
>

Privileges are only required during socket creation (if the sockets 
require special privileges or are on a port < 1024).

I've done this before and I've done even more: right after completing 
all actions that require privileges, I drop all non-required 
capabilities and switch to a different user.

That way, the process is running as an unprivileged user, with minimal 
privileges.

I'll dig up the code if you like

> This won't solve the problem to add a protocol UDP socket for new
> interfaces (where we most likely need CAP_NETADMIN), but it would be a
> step into the right direction.
>

as long as the sockets are simple sockets on ports >= 1024 no special 
privileges are needed. otherwise we might consider something like as 
startup hook


-- 
Ferry Huberts




More information about the Olsr-dev mailing list