user-mode-linux-devel

Re: [User-mode-linux-devel] ifconfig idea

[Jeff D. <jd...@ka...>]

nu...@r4... said:
> Well, i don't exactly like making a SUID ifconfig binary, nor do i
> like running UML as root. 

Nobody likes it, least of all me.

> How about a patch to ifconfig such that it ONLY ifconfig's 'umn' and
> 'lo' with their respective IPs. 

Because in the hosting kernel, where the permission problems are, the device 
being ifconfig-ed is sl* (and /dev/tap* if that ethertap interface gets 
finished).

The actual device names aside, what do you mean up letting ifconfig ONLY 
configure umn and lo?  Are you talking about me shipping a restricted ifconfig 
that people are supposed to make suid root?  That can be done with a perl 
script or a little binary that checks its arguments and execs ifconfig.

Long-term, I do think that ifconfig needs to lighten up a bit.  Maybe by 
looking at the permissions of the tap devices (which I don't think it does 
now).
				Jeff

Re: [User-mode-linux-devel] ifconfig idea

[Jeff D. <jd...@ka...>]

> perl script is out of the question...SUID scripts is even worse (well
> maybe not) than SUID ifconfig.  A simple binary is probably a better
> idea. 

I thought I read somewhere in the perl docs that safe suid perl scripts were 
doable.  Anyway, a binary would be easy enough, too.  If you're so bothered by 
it, why not write up a nice little ifconfig wrapper, and I'll distribute it 
instead of my stupid um_ifconfig :-)

> I dont know TOO much, but i think it's more a kernel thing that's
> restricting it from doing things..ifconfig doesn't really do much
> error checking... 

I think you're right.

BTW, configuring the device isn't the only permissions problem with the net.  
In order to set up a slip device, you need to get a pty.  I currently use a 
pts device, and on some distros (like Debian) the permissions on /dev/pts 
don't allow random users to do that.  One more reason to go over to an 
ethertap network.

				Jeff

Re: [User-mode-linux-devel] ifconfig idea

[<nu...@r4...>]

> 
> The actual device names aside, what do you mean up letting ifconfig ONLY 
> configure umn and lo?  Are you talking about me shipping a restricted ifconfig 
> that people are supposed to make suid root?  

yup....some kind of checking to make sure the arguments are what UML will
be using....

> That can be done with a perl 
> script or a little binary that checks its arguments and execs ifconfig.
> 
perl script is out of the question...SUID scripts is even worse (well
maybe not) than SUID ifconfig.  A simple binary is probably a better idea.

> Long-term, I do think that ifconfig needs to lighten up a bit.  Maybe by 
> looking at the permissions of the tap devices (which I don't think it does 
> now).

I dont know TOO much, but i think it's more a kernel thing that's
restricting it from doing things..ifconfig doesn't really do much error
checking...

--buddy