:: Re: [DNG] Another multi-user issue
トップ ページ
このメッセージを削除
このメッセージに返信
著者: Rainer Weikusat
日付:  
To: dng
題目: Re: [DNG] Another multi-user issue
Boruch Baum <boruch_baum@???> writes:

- some clarifications as I tend to forget how far remove from 'everyday
experiences' this stuff happens to be -

> On 04/04/2016 11:22 AM, Rainer Weikusat wrote:


[...]

>> [*] "Everyday real-world example": One of the things I'm dealing with
>> is a proprietary racoon fork part of a VPN product for mobiles
>> (hefty simplification). I usually don't work on code as root but in
>> case I need to run a debugging session, I have to run the debugger as
>> root as it will need to be able to control a privileged process,
>> namely, the IKE daemon. Being prevented from seeing my own processes
>> via ps because they happen to be running with elevated privileges
>> would at least be a nuisance.
> You're trying to make a case for lowering system security using an
> example of a project meant to raise system security. It seems to me, as
> an outsider to your case, that you would be compromising your ipsec
> efforts


There are no "IPsec efforts" to compromise here -- I'm working as
developer on a product which includes racoon (IKEv1 implementation) and
whose purpose (one of them, at least) is to provide remote access VPNs
to iOS, OS X, Windows and Android devices. The machines in question here
would either be development servers run by my employer or production
appliances. VPN user itself have no access to either system, only 'tech
staff' has.

[...]

> Finally, in the case you mentioned, I'm not certain I understand what
> you mean when you say you would be "prevented from seeing my own
> processes via ps because they happen to be running with elevated
> privileges" - you said earlier that you run the debugger as root, and as
> root you would be seeing ALL processes.


I'm running the debugger as root via sudo. But not any other shell
session on the same computer.

> If you're not running as root, you would still be seeing all the other
> processes of your shared group.


Also, there's a plethora of processes involved here using many different
user and group IDs, depending on what kind of privileges they need and
what access to generally protected information they require.