[909] in linux-security and linux-alert archive


[linux-security] security idea

daemon@ATHENA.MIT.EDU (Peter J. Braam)
Mon Jul 15 14:04:48 1996

Date: Sat, 13 Jul 1996 12:54:02 -0700 (PDT)
From: "Peter J. Braam" <braam@maths.ox.ac.uk>
To: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.SV4.3.91.960704200915.6173G-100000@top.dbd.com>


I wonder if the following has been considered already.

Many security issues would be helped if there was one extra user which
could su to any other user, but not to uid zero. Let's call this user
"super".

Suid root programs might still have to start as root, to listen on a
privileged port for example, but could then relinquish this uid 0 for uid
super, and do what they need to do. Sendmail is a good example.

Programs running as super could mess up users' files, but not the
"system" files owned by root, which strikes me as a definite advantage.

Exceptions would be the passwd program etc.

Just a thought.

Peter
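
The rule proposed in this message, modelled as an added example (not code from the post or from any kernel) to show which files a process running as "super" could still end up modifying. The names super_may_become and super_can_modify and the sample files are hypothetical and constructed; the model assumes every non-root group has at least one non-root member.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* Constructed file metadata; a model only, no real files are touched. */
struct file_meta { const char *path; uid_t owner; gid_t group; mode_t mode; };

/* Rule from the post: "super" may switch to any uid except 0. */
static bool super_may_become(uid_t target) { return target != 0; }

/* Can a process running as "super" end up writing to this file? */
static bool super_can_modify(const struct file_meta *f)
{
    if (super_may_become(f->owner))
        return true;            /* become the owner; an owner can chmod and write */
    if (f->mode & 0002)
        return true;            /* root-owned but world-writable */
    if ((f->mode & 0020) && f->group != 0)
        return true;            /* root-owned, writable by a non-root group
                                   (assumption: some non-root user is a member) */
    return false;               /* root-owned and not reachable without uid 0 */
}

/* Constructed sample inventory (uids and gids are illustrative). */
static const struct file_meta samples[] = {
    { "/home/alice/.profile", 1000, 1000, 0644  },  /* ordinary user file */
    { "/etc/passwd",             0,    0, 0644  },  /* root-owned system file */
    { "/bin/login",              0,    0, 04755 },  /* root-owned suid binary */
    { "/usr/bin/lpr",            1,    1, 0755  },  /* owned by a system account */
    { "/var/spool/mail",         0,   12, 0775  },  /* root-owned, group-writable */
    { "/tmp/report",             0,    0, 0666  },  /* root-owned, world-writable */
};
#define NSAMPLES (sizeof samples / sizeof samples[0])

/* Number of sample files that "super" could modify under this model. */
int count_exposed(void)
{
    int n = 0;
    for (size_t i = 0; i < NSAMPLES; i++)
        n += super_can_modify(&samples[i]) ? 1 : 0;
    return n;
}

int main(void)
{
    for (size_t i = 0; i < NSAMPLES; i++)
        printf("%-22s %s\n", samples[i].path,
               super_can_modify(&samples[i]) ? "modifiable" : "protected");
    return 0;
}
```

Run over a real file inventory, the same check shows how much of a system's protection under this scheme depends on system files being owned by uid 0 with no group or world write bits.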
