Carson Gaspar wrote:
On 2/17/16 9:50 AM, Carson Gaspar wrote:
On 2/16/16 8:21 PM, Damien Miller wrote:
I think this should fix it. It would be good if someone with recent
Solaris/
Illumos that does have the fine-grained privilege support could test
it too.
Solaris 10 has setppriv, but does not have priv_basicset. To work on
Solaris 10, the call would need to be replaced with the equivalent set
of explicitly listed privs:
"Of the privileges listed above, the privileges PRIV_FILE_LINK_ANY,
PRIV_FILE_READ, PRIV_FILE_WRITE, PRIV_PROC_INFO, PRIV_PROC_SESSION,
PRIV_NET_ACCESS, PRIV_PROC_FORK, and PRIV_PROC_EXEC are considered
"basic" privileges. These are privileges that used to be always avail-
able to unprivileged processes. By default, processes still have the
basic privileges."
Of course that's the Sol 11 man page excerpt. Sol 10 doesn't have
PRIV_FILE_{READ,WRITE}, but otherwise the basic privs are the same.
I'd be more that willing to try this out on Solaris 10.
--
Jeff Wieland | Purdue University
Network Systems Administrator | ITIS UNIX Platforms
Voice: (765)496-8234 | 155 S. Grant Street
FAX: (765)496-1380 | West Lafayette, IN 47907
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev