userv 1.1.1 / usr / share / doc / userv / spec.html / ch-intro.html

This file is indexed.

/usr/share/doc/userv/spec.html/ch-intro.html is in userv 1.1.1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">

<html>

<head>

<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">

<title>User service daemon and client specification - Introduction</title>

<link href="index.html" rel="start">
<link href="index.html" rel="prev">
<link href="ch-client.html" rel="next">
<link href="index.html#contents" rel="contents">
<link href="index.html#copyright" rel="copyright">
<link href="ch-intro.html" rel="chapter" title="1 Introduction">
<link href="ch-client.html" rel="chapter" title="2 Client program usage">
<link href="ch-envir.html" rel="chapter" title="3 Execution environment of the service program">
<link href="ch-config.html" rel="chapter" title="4 Service-side configuration">
<link href="ch-ipass.html" rel="chapter" title="5 Information passed through the client/daemon combination">
<link href="ch-notes.html" rel="chapter" title="6 Applications and notes on use">
<link href="ch-client.html#s2.1" rel="section" title="2.1 Options">
<link href="ch-client.html#s-optoverride" rel="section" title="2.2 Security-overriding options">
<link href="ch-envir.html#s3.1" rel="section" title="3.1 File descriptors">
<link href="ch-envir.html#s3.2" rel="section" title="3.2 Environment">
<link href="ch-config.html#s4.1" rel="section" title="4.1 Configuration file syntax">
<link href="ch-config.html#s-directives" rel="section" title="4.2 Configuration file directives">
<link href="ch-config.html#s-configerrors" rel="section" title="4.3 Errors in the configuration file">
<link href="ch-config.html#s-defaults" rel="section" title="4.4 Defaults">
<link href="ch-notes.html#s-examples" rel="section" title="6.1 Examples">
<link href="ch-notes.html#s-standards" rel="section" title="6.2 Standard services and directory management">
<link href="ch-notes.html#s-reducepriv" rel="section" title="6.3 Reducing the number of absolutely privileged subsystems">
<link href="ch-notes.html#s-noexcess" rel="section" title="6.4 Do not give away excessive privilege to userv-using facilities">
<link href="ch-notes.html#s-notreally" rel="section" title="6.5 userv can often replace sudo, but not really">
<link href="ch-notes.html#s-stdinerr" rel="section" title="6.6 Error handling and input streams (eg stdin)">
<link href="ch-notes.html#s-nogeneral" rel="section" title="6.7 Don't give access to general-purpose utilities">
<link href="ch-config.html#s-dirs-immediate" rel="subsection" title="4.2.1 Immediate directives">
<link href="ch-config.html#s-dirs-delayed" rel="subsection" title="4.2.2 Directives with delayed effect">
<link href="ch-config.html#s-dirs-control" rel="subsection" title="4.2.3 Control structure directives">
<link href="ch-config.html#s-dirs-execution" rel="subsection" title="4.2.4 Directives for changing execution settings">

</head>

<body>

<p><a name="ch-intro"></a></p>
<hr>

<p>
[ <a href="index.html">previous</a> ]
[ <a href="index.html#contents">Contents</a> ]
[ 1 ]
[ <a href="ch-client.html">2</a> ]
[ <a href="ch-envir.html">3</a> ]
[ <a href="ch-config.html">4</a> ]
[ <a href="ch-ipass.html">5</a> ]
[ <a href="ch-notes.html">6</a> ]
[ <a href="ch-client.html">next</a> ]
</p>

<hr>

<h1>
User service daemon and client specification
<br>Chapter 1 - Introduction
</h1>

<hr>

<p>
There is a daemon which invokes user service programs (henceforth `services')
in response to requests by callers of a companion client program (henceforth
the `client') and according to rules set forth in system-wide and user-specific
configuration files.  The companion client program is setuid root, and
negotiates with the daemon through an <code>AF_UNIX</code> socket and
associated objects in a system-wide private directory set aside for the
purpose.  The user who wishes the service to be performed and calls the client
is called the `calling user'; the process which calls the client is called the
`calling process'.
</p>

<p>
The daemon and the client are responsible for ensuring that information is
safely carried across the security boundary between the two users, and that the
processes on either side cannot interact with each other in any unexpected
ways.
</p>

<hr>

<p>
[ <a href="index.html">previous</a> ]
[ <a href="index.html#contents">Contents</a> ]
[ 1 ]
[ <a href="ch-client.html">2</a> ]
[ <a href="ch-envir.html">3</a> ]
[ <a href="ch-config.html">4</a> ]
[ <a href="ch-ipass.html">5</a> ]
[ <a href="ch-notes.html">6</a> ]
[ <a href="ch-client.html">next</a> ]
</p>

<hr>

<p>
User service daemon and client specification
</p>

<address>
1.1.1<br>
<br>
Ian Jackson <code><a href="mailto:ian@davenant.greenend.org.uk">ian@davenant.greenend.org.uk</a></code><br>
<br>
</address>
<hr>

</body>

</html>

APT Browse - Built by Thomas Orozco.