Re: setEnvironmentVariable DBus method for wpasupplicant
- From: Jouni Malinen <j w1 fi>
- To: David Smith <dds google com>
- Cc: hostap lists shmoo com, stef memberwebs com, networkmanager-list gnome org
- Subject: Re: setEnvironmentVariable DBus method for wpasupplicant
- Date: Wed, 30 Jul 2008 15:44:05 +0300
On Tue, Jul 29, 2008 at 02:59:54PM +0900, David Smith wrote:
> Jouni Malinen <j w1 fi> writes:
> > wpa_supplicant 0.6.x has support for privilege separation that allows
> > the wpa_supplicant process to be run as any user (wpa_priv process will
> > be used for operations that require root access). Actually, this moves
> > even more than all crypto into non-root user context.
> Can this already be used for pkcs#11 operations?
If it is alright for the system to run wpa_supplicant as the current
user (however that is defined in multiuser systems..), yes, PKCS#11
operations would indeed be run as a non-root user along with all the
other authentication functionality. This would require that whatever is
starting wpa_supplicant knows how to start it with the current user,
though, since wpa_supplicant itself does not do use setuid() (etc.) to
change the UID.
--
Jouni Malinen PGP id EFC895FA
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
