[CRIU] Hardening the criu service daemon
Cyrill Gorcunov
gorcunov at gmail.com
Fri Sep 11 06:48:34 PDT 2015
On Fri, Sep 11, 2015 at 04:30:43PM +0300, Pavel Emelyanov wrote:
> >
> > Currently, both are equally insecure. Making the binary SUID isn't even
> > documented, as far as I know.
>
> It is at the http://criu.org/Security page. Probably not as good as it could be,
> but still it's there.
Guys, I might be completely wrong but it seems our rpc mechanism
(while doing exactly what it been designed for) still missing one
of the key feature -- some kind of authentication and authorization.
Is there some well-known framework/library which could be used for
such purposes (including "talking" to the daemon via secure layer).
Or I'm completely out of topic?
More information about the CRIU
mailing list