From: Rich Felker
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: shadow.h
Date: Wed, 27 Feb 2013 12:06:14 -0500
Message-ID: <20130227170614.GK20323@brightrain.aerifal.cx>
To: musl@lists.openwall.com

On Wed, Feb 27, 2013 at 06:04:08PM +0100, Daniel Cegiełka wrote:
> 2013/2/27 Rich Felker :
>
> >> I prefer tcb, but the current implementation in musl isn't as
> >> functional as owl's (privilege separation):
> >
> > Can you explain this better?
>
> Owl's tcb uses SGID instead of SUID, so SUID is not needed for programs
> like passwd. Here is a good presentation:
>
> http://www.openwall.com/presentations/Owl/mgp00020.html

This has nothing to do with the interfaces in libc, which do not modify
any tcb data. They only read it, and they work with whichever privilege
model you prefer.

Rich