
Privilege Revocation


Revocation:

1.   Use privs to allocate nasty resource
ie. SOCK_RAW, reserved port, bpf, /dev/pf, utmp...
2.   Use chroot() if possible
3.   Revoke privs

Doable in simple programs

ping, ping6, portmap, rpc.rstatd, rpc.rusersd, pppoe
traceroute, traceroute6, rwalld, pppd, spamd, afsd
authpf, ftpd, tftpd, httpd, dhcpd, mopd, rbootd

