Re: [User-mode-linux-devel] ifconfig idea

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

nu...@r4... said:
> Well, i don't exactly like making a SUID ifconfig binary, nor do i
> like running UML as root. 

Nobody likes it, least of all me.

> How about a patch to ifconfig such that it ONLY ifconfig's 'umn' and
> 'lo' with their respective IPs. 

Because in the hosting kernel, where the permission problems are, the device 
being ifconfig-ed is sl* (and /dev/tap* if that ethertap interface gets 
finished).

The actual device names aside, what do you mean up letting ifconfig ONLY 
configure umn and lo?  Are you talking about me shipping a restricted ifconfig 
that people are supposed to make suid root?  That can be done with a perl 
script or a little binary that checks its arguments and execs ifconfig.

Long-term, I do think that ifconfig needs to lighten up a bit.  Maybe by 
looking at the permissions of the tap devices (which I don't think it does 
now).
				Jeff