[Olsr-dev] making olsrd a "Position Independent Executable" i.e. gcc -pie -fPIE
L. Aaron Kaplan
(spam-protected)
Tue Oct 2 23:07:04 CEST 2012
Hi
>
>> Any particular objections
>> to including such a thing in olsrd proper?
>
> Last time we put it into Makefile.inc as an option... not sure this
> was a good idea.
>
>> I think we need to do as
>> much as we can to make sure olsrd has minimal exploits, since it runs
>> fully as root.
>
> Yes, unfortunately we cannot give root away after initializing... even
> if we could hand over the rtnetlink socket to another process, OLSRd
> needs the capability to open new sockets when an interface goes up.
Is it possible to get all interfaces (even if they are not up) beforehand?
On the other had, that will not account for newly created interfaces (such as tapX interfaces).
Hm...
Tricky.
More information about the Olsr-dev
mailing list