bind() sockets to restricted ports for lower-privilege daemons
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
bpoll
bsock
plasma @ af85a5e
proxyexec
.gitattributes
.gitignore
.gitmodules
CREDITS
Makefile
README
bsock.spec

README

README


bsock - bind() sockets to restricted ports for lower-privilege daemons

bsock federates binding to (important) socket addresses/ports on a system and
removes the requirement that many daemons start with root privileges in order
to bind to assigned ports.

The bsock daemon listens for requests on a local unix domain socket.
 
libbsock.so provides reusable bsock and bpoll interfaces.



proxyexec - proxy command execution without setuid

proxyexec is an executable that builds with libbsock.so and can be used
as a login shell or as the target of an sshd_config ForceCommand to
leverage operating system authentication to passing credentials to a
service program running under a single account.

proxyexec handles client/server communication by passing argv and stdin,
stdout, stderr fds over unix domain socket between processes owned by
different users.



bpoll - bookkeeping poll interface

bpoll provides a thin and portable abstraction interface using historical poll
semantics to detect ready events on socket, pipe, and other descriptors.
bpoll aims to provide a bookeeping event polling framework to encapsulate a
variety of poll implementations provided by different platforms.