I'm trying to implement secure rpc in kernel integrated with Thorsten Kukuk's
NIS+ (i.e. keyserv) (please let me know if it has been already done ;)
I have two questions:
1. The problem is that rpc calls to keyserv (through AF_INET sockets) should
be done from a priveleged port no matter what the priveleges of requesting
process are. I plan to use the following:
....
saved_fsuid = current->fsuid;
saved_cap_effective = current->cap_effective;
cap_raise(current->cap_effective, CAP_NET_BIND_SERVICE);
current->fsuid = 0;
xprt = xprt_create_proto(IPPROTO_UDP, &srvaddr, NULL);
current->fsuid = saved_fsuid;
current->cap_effective = saved_cap_effective;
....
Is it correct? And what is the correct way?
2. Is kernel rpc implementation documented somehow and anywhere? I could
found nothing (except kernel sources, of course ;)
-- Dmitry O Panov | mailto:dmitry@tsu.tula.ru Tula State University | http://www.tsu.tula.ru/ Dept. of CS & NIT | Fidonet: Dmitry Panov, 2:5022/8.31 aka 2:5022/5.50- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/