7 Oct
2014
7 Oct
'14
3:50 a.m.
@ioerror says: Has anyone written a captive portal aware, privilege separated, uid zero free, security focused dhcp client in a type safe language?
One could write/compile the script in any language, use sudo within or change the perms and/or syscall uid checks for read-writing the tap, 67/68 port binding, ifconfig, route, etc to permit any arbitrary uid, and run it all in a jail. Some capabilities already exist in OS's today. Portal awareness would be a different scope. Tails or OpenBSD might be interested, as would anyone really, in particular if the protocol sends arbitrary data/commands, which the client/script then fails to lint and passes out to exec/params... Also from twitter: http://www.codelabs.ch/adhcp/