From: Daniel Cegiełka
Newsgroups: gmane.linux.lib.musl.general
Subject: Re: shadow.h
Date: Wed, 27 Feb 2013 18:04:08 +0100
Reply-To: musl@lists.openwall.com
To: musl@lists.openwall.com

2013/2/27 Rich Felker:
>>
>> I prefer tcb, but the current implementation in musl isn't as
>> functional as owl's (privilege separation):
>
> Can you explain this better?

Owl's tcb uses SGID instead of SUID, so SUID is not needed for programs like passwd.

Here is a good presentation:

http://www.openwall.com/presentations/Owl/mgp00020.html

> I don't think the code in libc has
> anything to do with privilege separation model used. It only *reads*
> the tcb shadow data; it doesn't write anything, and it doesn't depend
> on any particular permissions model for the data except that it be
> readable by whichever user is doing authenticating.
>
> Rich