Privilege Revocation


For setuid programs or daemons

Revocation:

1.   Use privs to allocate nasty resource
     e.g. SOCK_RAW, reserved port, /dev/pf, utmp...
2.   Use chroot() if possible
3.   Revoke privs

Doable in simple programs

ping, ping6, portmap
rpc.rstatd, rpc.rusersd
traceroute, traceroute6
rwalld, pppd, spamd, authpf
ftpd, named, httpd

Pretty easy to develop
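
The three revocation steps above, sketched in C as an added example (not code from the original slides or from any of the programs listed). The function name revoke_privs, the /var/empty jail directory and the uid/gid 32767 are assumed values chosen for illustration.

```c
#define _DEFAULT_SOURCE          /* chroot(), setgroups() on glibc */
#include <grp.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Steps 2 and 3: optional chroot into jail (NULL skips it), then switch
 * to uid/gid for good. Returns 0 only if the drop has been verified. */
int revoke_privs(const char *jail, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)
        return -1;                   /* "dropping" to root drops nothing */
    if (jail != NULL && (chroot(jail) != 0 || chdir("/") != 0))
        return -1;                   /* chdir so no handle outside the jail remains */
    /* Order matters: groups first, then gid, uid last. Once the uid
     * is gone the process may no longer change its groups. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)   /* as root: sets real, effective, saved */
        return -1;
    /* Verify: ids are what was asked for and root cannot be regained. */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    if (setuid(0) == 0 || seteuid(0) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* Step 1: take the privileged resource while still root. */
    int s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
    if (s < 0) { perror("socket(SOCK_RAW)"); return 1; }

    /* Assumed values: /var/empty as jail, 32767 as the unprivileged uid/gid. */
    if (revoke_privs("/var/empty", 32767, 32767) != 0) {
        fputs("privilege revocation failed\n", stderr);
        close(s);
        return 1;                    /* never continue with privileges */
    }
    /* From here on only the descriptor s carries any privilege. */
    printf("running as uid %d with raw socket fd %d\n", (int)getuid(), s);
    close(s);
    return 0;
}
```

Run as root (or installed setuid root), the program keeps the raw socket but exits rather than continue if any step of the drop cannot be confirmed.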