[lcdproc] "named pipe" is different from/dev/lcdkernel code. :-)]

William W. Ferrell wwf@frontierdev.com
Thu, 22 Mar 2001 16:41:24 -0700 

--HCdXmnRlPgeNBad2
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

--- chris.debenham@aus.sun.com's mailer spewed these beefy chunks ---
> A point I was thinking about in relation to socket/named pipes is the idea of security.
> Network sockets are by very nature in-secure (even with authentication there is still the chance of buffer overflows etc) so it may be a good idea to give the option of named pipes to those who need them, but use sockets for all others. By allowing sockets (and using tcp_wrappers) you would allow remote LCDs, remote clients etc but as long as there is the option to use named pipes security would be possible.

Named pipes are vulnerable to the same kinds of buffer overflows,
though, aren't they?

One benefit of separating drivers from LCDd from clients is that LCDd
would almost never need root (and could certainly give it up real fast
if it *did* get it at startup); you'd only have the driver sitting on
/dev/ttyS0 or /dev/lp0 or whatever as root (preferably not, but it might
be required in some circumstances that I haven't thought of yet :).

A client should never need root unless it's running libgtop on Solaris
and that's assuming libgtop still needs root for certain kstat()'s.

> Another thought: can named pipes be NFS exported? In this way user-level security could be enforced by exporting it only to certain machine and with a suitable set of permissions. This would reduce the need for network sockets, but still allow remote access.

I've got no clue on this one. :(

> Nothing Is Foolproof To A Sufficiently Talented Fool.

Heh! I just fell off my chair reading that one :) It's been a long day,
and oddly enough I've been dealing mostly with fools at work today :)

--
William W. Ferrell, Senior System Administrator, Global Crossing Ltd.
950 17th St Ste 2200, Denver, CO 80202   1.303.223.0564

Public key available:
  gpg --keyserver certserver.pgp.com --recv-key 7478FC7A

The Phone Booth Rule:
	A lone dime always gets the number nearly right.

--HCdXmnRlPgeNBad2
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjq6jaMACgkQgAeqhXR4/HpFbACfTUAjUmr9HKAkczCqiiPeAy5O
UaQAn3jpuObDLDWF7a3sRYgpJpRU2eTb
=l4gf
-----END PGP SIGNATURE-----


--HCdXmnRlPgeNBad2
Content-Type: text/plain; charset=


-----------------------------------------------------------
To unsubscribe from this list send a blank message to
lcdproc-unsubscribe@lists.omnipotent.net
--HCdXmnRlPgeNBad2--