Re: Solaris privileges to use pinger w/o setuid-root

> On Sat, Jan 26, 2008 at 01:16:14PM +1300, Amos Jeffries wrote:
>> Frank Fegert wrote:
>> >On Fri, Jan 25, 2008 at 09:25:24AM +1300, Amos Jeffries wrote:
>> >>>i did a quick hack and patched Solaris privileges support into
>> pinger.c
>> >>>from squid-2.6.STABLE18. This should allow to run pinger w/o
>> setuid-root,
>> >>>while still being able to access ICMP-sockets. The $SQUID_USER gets
>> the
>> >>>additional PRIV_NET_ICMPACCESS rights via:
>> >>> /usr/sbin/usermod -K defaultpriv=basic,net_icmpaccess $SQUID_USER
>> >>>
>> >>>While probably not so interesting for the general public, could
>> someone
>> >>>with a bit more squid-code knowledge than me take a look at the
>> patch?
>> >>>I just want to make sure i didn't inadvertedly break something else
>> ;-)
>> >>Interesting and useful. Thank you.
>> >
>> >Thank you for your fast reply. I should add that i didn't invent the
>> >wheel here ;-) There is a quite nice documentation on the subject:
>> > http://docs.sun.com/app/docs/doc/816-4863/chap1-intro-net-01
>> >so credits should go towards Sun ;-)
>>
>> Ah, in which case we have to ask: Is the code copyright available under
>> GPL v2 and later Lisences?
>>
>> The copyright issues have been getting a bit of cleanup lately and we
>> don't want to go backwards if possible.
>
> Good point, but (luckyly) IANAL. Sun indicates in the first page of the
> document mentioned above, that the information in the document is subject
> to Suns or a third partys copyright. Sound like a standard text blob, but
> does that also include work derived from the document?
>

You mean the "Book information" page? my reading of that it mentions a lot
of sources, OpenSource and others. Without mentioning any conditions of
those sub-liscencing.

Without specifically mentioning anything about rights of users or readers
it does clearly deny any uses where the 'information contained within'
might reach a mysterious listof poeple any countries the US don't like.
Nasty.

The way copyrights seem to have been done in squid. If you have generated
the code from a non-copyright brief description we should be able to
accept it as your community work.

If you have duplicated code or pseudo algorithm, from a copyright or
limited use source (I'm not sure if tha US export law counts) we need to
be able to verify that source allows any re-working freely, with its
explicit copyright added to the squid bunch.

Amos
Received on Wed Feb 06 2008 - 18:10:28 MST