File: [local] / src / usr.bin / sndiod / Makefile (download)
Revision 1.4, Sun Dec 20 11:38:33 2015 UTC (8 years, 5 months ago) by ratchov
Branch: MAIN
Changes since 1.3: +2 -2 lines
In case of a bug in sndiod, an attacker (a local user) could run
arbitrary code as user _sndio, i.e. get a second uid.
Mitigate the risk by implementing initial privilege separation as
follows. Break sndiod in two processes: a chroot()ed "worker" process
processing input, and a non-chroot()ed "helper" process opening
devices and passing descriptors to the worker.
With help from benno, claudio, semarie and gilles.
ok benno, semarie and tb
|