dhcpd dhclient-script shell security

grarpamp grarpamp at gmail.com
Mon Oct 6 11:50:21 PDT 2014


> @ioerror says:
> Has anyone written a captive portal aware, privilege separated, uid
> zero free, security focused dhcp client in a type safe language?

One could write/compile the script in any language, use sudo within
or change the perms and/or syscall uid checks for read-writing the
tap, 67/68 port binding, ifconfig, route, etc. to permit any arbitrary uid,
and run it all in a jail. Some capabilities already exist in OSes today.

Portal awareness would be a different scope.

Tails or OpenBSD might be interested, as would anyone really, in
particular if the protocol sends arbitrary data/commands, which the
client/script then fails to lint and passes out to exec/params...

Also from twitter:
http://www.codelabs.ch/adhcp/
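
The message above warns about a client/script that fails to lint server-supplied data before passing it on to exec/params. As an added example (not part of the original post, and not code from any DHCP client), this sketch allow-lists a few option values in a dhclient-script style hook. The function names are hypothetical, and it assumes the ISC dhclient-script environment variables new_host_name, new_domain_name, new_domain_name_servers and new_routers.

```shell
#!/bin/sh
# Added example: allow-list checks on DHCP-supplied values before a
# dhclient-script style hook uses them. Function names are hypothetical.

# DNS name: letters, digits, '-' and '.', at most 253 characters.
is_safe_dns_name() {
    v=$1
    [ -n "$v" ] && [ "${#v}" -le 253 ] || return 1
    case $v in
        *[!A-Za-z0-9.-]*) return 1 ;;  # anything outside the allow-list
        -*|.*|*..*) return 1 ;;         # leading '-' would read as an option
    esac
    return 0
}

# Dotted-quad IPv4: exactly four octets, each 0-255.
is_safe_ipv4() {
    rest=$1
    case $rest in
        ''|*[!0-9.]*|.*|*.|*..*|*.*.*.*.*) return 1 ;;
        *.*.*.*) ;;
        *) return 1 ;;
    esac
    while [ -n "$rest" ]; do
        o=${rest%%.*}
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
        case $rest in *.*) rest=${rest#*.} ;; *) rest= ;; esac
    done
    return 0
}

# Check the option variables the hook is about to use; unset ones are
# skipped. Call as: dhcp_env_ok || exit 1
dhcp_env_ok() {
    [ -z "${new_host_name-}" ] || is_safe_dns_name "$new_host_name" || return 1
    [ -z "${new_domain_name-}" ] || is_safe_dns_name "$new_domain_name" || return 1
    list="${new_domain_name_servers-} ${new_routers-}"
    # Reject before word splitting so glob characters are never expanded.
    case $list in *[!0-9.' ']*) return 1 ;; esac
    for ip in $list; do
        is_safe_ipv4 "$ip" || return 1
    done
    return 0
}
```

Rejecting the whole lease on a failed check is the conservative choice; the values should still be quoted wherever the hook expands them afterwards.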


