[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Porting ProcessTable.pm Security/Permission Woes

To: tech@openbsd.org
Subject: Porting ProcessTable.pm Security/Permission Woes
From: JAMES RAZMUS II <lotsomail@usa.net>
Date: 2 Jul 2001 14:48:26 MDT

I have hit a wall porting the Proc::ProcessTable module.  I am using the kvm
interface and after linking with -lkvm I have a working .so file.  But it only
works when I chmod o+r /dev/mem /dev/kmem /dev/drum. I KNOW this is a problem
and am trying to find a way around it with a default install.  

Basically I need my .so to have setgid(kmem) capability.  So my questions is: 
How can I have my .so be loaded by ld.so into another process(perl) and retain
the kmem group or ability to read as if it were in the kmem group?  Is this
possible with some linker flags.  I missed this on the man pages if so...

I also tried chmod 2777 and chown root:kmem on my .so file and tested that
which failed as expected.  /usr/bin/perl run by a non-superuser can't setgid
to kmem and must ignore the file bits set on my .so in favor of my established
uid, euid, gid, and egid.

Any advice would be very appreciated.  I'm stumped.

Thanks,
Jim

Prev by Date: Re: Gigabit card recommendations
Next by Date: problem with pcap_inject and select
Prev by thread: Re: Gigabit card recommendations
Next by thread: problem with pcap_inject and select
Index(es):
- Date
- Thread