Steven J. Long wrote:
> On Tue, Sep 30, 2014 at 07:52:02AM -0700, Zac Medico wrote:
> > The IPC implementation that I've suggested does not involve an SUID
> > helper, so it is much more secure. Security would rely on the permission
> > bits of the named pipes that are used to implement IPC.
..
> I don't see how that's "more secure"

It's a lot more secure to have a single well-defined privileged trust
anchor (the privileged process) with a well-defined protocol, than to
have built-in privilege escalation which allows arbitrary actions.


> Not sure what a daemon buys you

Not requiring built-in privilege escalation.


//Peter