
Privilege Revocation


For setuid programs or daemons

Revocation:

1.   Use privs to allocate nasty resource
ie. SOCK_RAW, reserved port, bpf, /dev/pf, utmp...
2.   Use chroot() if possible
3.   Revoke privs

Doable in simple programs

ping, ping6, portmap, rpc.rstatd, rpc.rusersd, pppoe
traceroute, traceroute6, rwalld, pppd, spamd, afsd
authpf, ftpd, tftpd, httpd, dhcpd, dhclient, mopd, rbootd

NOTE: bpf write filters and locking



Pretty easy to develop

