
$BFC8"J|4~(B (privilege revocation)


setuid $B$N%W%m%0%i%`$d%G!<%b%s$N>l9g(B

$BJ|4~(B:

1. $BFC8"$r;HMQ$7$FLdBj$N$"$k%j%=!<%9$r3d$jEv$F$k(B/open$B$9$k(B
SOCK_RAW$B!"M=Ls:Q$_%]!<%H!"(B/dev/pf$B!"(Butmp $B$J$I(B
2. $B2DG=$G$"$l$P(B chroot() $B$r;HMQ$9$k(B
3. $BFC8"$rL58z$K$9$k(B

$BC1=c$J%W%m%0%i%`$G<B9T2DG=(B

ping, ping6, portmap
rpc.rstatd, rpc.rusersd
traceroute, traceroute6
rwalld, pppd, spamd, authpf
ftpd, named, httpd

$B3+H/$,Hf3SE*MF0W(B

