support for privilege elevation.

with privilege elevation no suid or sgid binaries are necessary any longer. Applications can be executed completely unprivileged. Systrace raises the privileges for a single system call depending on the configured policy. Idea from discussions with Perry Metzger, Dug Song and Marcus Watts. from provos
author: itojun <itojun@openbsd.org> 2002-10-16 15:01:08 +0000
committer: itojun <itojun@openbsd.org> 2002-10-16 15:01:08 +0000
commit: 0d36d140366e4cceb24c82c7dccfc5193238e887 (patch)
tree: 65536b40d2555915d9fa3a671db8164fd568adff /sys/dev/systrace.h
parent: translation for socket system call (diff)
download: wireguard-openbsd-0d36d140366e4cceb24c82c7dccfc5193238e887.tar.xz
wireguard-openbsd-0d36d140366e4cceb24c82c7dccfc5193238e887.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/sys/dev/systrace.h b/sys/dev/systrace.h
index 6f5a13cda6e..1861dfed058 100644
--- a/sys/dev/systrace.h
+++ b/sys/dev/systrace.h
@@ -89,6 +89,8 @@ struct systrace_answer {
 	pid_t stra_pid;
 	u_int16_t stra_seqnr;
 	short reserved;
+	uid_t stra_seteuid;	/* elevated privileges for system call */
+	uid_t stra_setegid;
 	int stra_policy;
 	int stra_error;
 	int stra_flags;
@@ -152,6 +154,8 @@ struct systrace_replace {
 #define SYSTR_POLICY_NEVER	2
 
 #define SYSTR_FLAGS_RESULT	0x001
+#define SYSTR_FLAGS_SETEUID	0x002
+#define SYSTR_FLAGS_SETEGID	0x004
 
 #ifdef _KERNEL
 struct str_process;
author	itojun <itojun@openbsd.org>	2002-10-16 15:01:08 +0000
committer	itojun <itojun@openbsd.org>	2002-10-16 15:01:08 +0000
commit	0d36d140366e4cceb24c82c7dccfc5193238e887 (patch)
tree	65536b40d2555915d9fa3a671db8164fd568adff /sys/dev/systrace.h
parent	translation for socket system call (diff)
download	wireguard-openbsd-0d36d140366e4cceb24c82c7dccfc5193238e887.tar.xz wireguard-openbsd-0d36d140366e4cceb24c82c7dccfc5193238e887.zip