[Olsr-dev] privilege separation for olsrd

Hans-Christoph Steiner (spam-protected)
Wed Oct 3 18:07:37 CEST 2012


I was just poking around OpenSSH for ideas for how olsrd could be a lot
more secure.  The main issue right now is that olsrd does everything as
root, even though it only needs root privileges for specific things
(opening the socket on port 698 and editing the routing table).

OpenSSH is a daemon that needs privileges for opening a socket on port
22, but then it does very little else as root.  It does this without
using threads, but relies on multiple processes instead.  Here are two
overviews of how OpenSSH does it:

http://www.citi.umich.edu/u/provos/ssh/privsep.html
http://www.openbsd.org/papers/openssh-measures-asiabsdcon2007-slides.pdf

.hc
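
An added sketch of the process split described in the message above (not olsrd or OpenSSH code, and not from the post's author): a monitor process keeps its privileges and validates narrow requests, while a forked worker drops root before doing anything else. Assumptions: the route_req format and function names are hypothetical, uid/gid 65534 stands in for an unprivileged account, and the monitor only counts accepted requests instead of touching the routing table or port 698.

```c
#define _DEFAULT_SOURCE
#include <arpa/inet.h>
#include <grp.h>
#include <stdint.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical request format: the only thing the worker can ask of the monitor. */
struct route_req { uint32_t dst; /* network byte order */ uint32_t prefix_len; };

/* Monitor-side check: prefix length in range and no host bits set. */
static int req_ok(const struct route_req *r) {
    if (r->prefix_len > 32) return 0;
    uint32_t mask = r->prefix_len ? ~(uint32_t)0 << (32 - r->prefix_len) : 0;
    return (ntohl(r->dst) & ~mask) == 0;
}

/* Worker: give up root for good before handling any network input. */
static int drop_privs(uid_t uid, gid_t gid) {
    if (geteuid() != 0) return 0;               /* not root: nothing to drop */
    if (setgroups(0, NULL) || setgid(gid) || setuid(uid)) return -1;
    return setuid(0) == 0 ? -1 : 0;             /* regaining root must fail */
}

/* Returns how many worker requests the monitor accepted, or -1 on error. */
int privsep_demo(void) {
    int sv[2], st, accepted = 0;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                             /* unprivileged worker */
        close(sv[0]);
        if (drop_privs(65534, 65534)) _exit(1); /* assumed "nobody" uid/gid */
        struct route_req reqs[3] = {            /* constructed sample requests */
            { inet_addr("10.1.2.0"), 24 },      /* well formed */
            { inet_addr("10.1.2.7"), 24 },      /* host bits set */
            { inet_addr("10.0.0.0"), 40 } };    /* prefix length out of range */
        _exit(send(sv[1], reqs, sizeof reqs, 0) == (ssize_t)sizeof reqs ? 0 : 1);
    }
    close(sv[1]);                               /* privileged monitor */
    struct route_req r;
    while (recv(sv[0], &r, sizeof r, MSG_WAITALL) == (ssize_t)sizeof r)
        if (req_ok(&r)) accepted++;             /* a real monitor would edit the route here */
    close(sv[0]);
    if (waitpid(pid, &st, 0) < 0 || !WIFEXITED(st) || WEXITSTATUS(st)) return -1;
    return accepted;
}

int main(void) { return privsep_demo() == 1 ? 0 : 1; }
```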



