1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
7 <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
9 <title>User service daemon and client specification</title>
18 [ <a href="ch-notes.html">previous</a> ]
19 [ <a href="index.html#contents">Contents</a> ]
20 [ <a href="ch-intro.html">1</a> ]
21 [ <a href="ch-client.html">2</a> ]
22 [ <a href="ch-envir.html">3</a> ]
23 [ <a href="ch-config.html">4</a> ]
24 [ <a href="ch-ipass.html">5</a> ]
25 [ <a href="ch-notes.html">6</a> ]
26 [ <a href="ch-intro.html">next</a> ]
31 User service daemon and client specification
37 <a name="abstract"></a>
41 This is a specification for a Unix system facility to allow one program to
42 invoke another when only limited trust exists between them.
46 <a name="copyright"></a>
47 <h2>Copyright Notice</h2>
50 <code>userv</code> is Copyright 1996-2003 Ian Jackson.
53 <code>userv</code> is free software; you can redistribute it and/or modify it
54 under the terms of the GNU General Public License as published by the Free
55 Software Foundation; either version 2 of the License, or (at your option) any
59 This program is distributed in the hope that it will be useful, but <em>without
60 any warranty</em>; without even the implied warranty of
61 <em>merchantability</em> or <em>fitness for a particular purpose</em>. See the
62 GNU General Public License for more details.
65 You should have received a copy of the GNU General Public License along with
66 <code>userv</code>; if not, write to the Free Software Foundation, 59 Temple
67 Place - Suite 330, Boston, MA 02111-1307, USA.
71 <a name="contents"></a>
75 <li><a href="ch-intro.html">1 Introduction</a></li>
76 <li><a href="ch-client.html">2 Client program usage</a></li>
78 <li><a href="ch-client.html#s2.1">2.1 Options</a></li>
79 <li><a href="ch-client.html#s-optoverride">2.2 Security-overriding options</a></li>
81 <li><a href="ch-envir.html">3 Execution environment of the service program</a></li>
83 <li><a href="ch-envir.html#s3.1">3.1 File descriptors</a></li>
84 <li><a href="ch-envir.html#s3.2">3.2 Environment</a></li>
86 <li><a href="ch-config.html">4 Service-side configuration</a></li>
88 <li><a href="ch-config.html#s4.1">4.1 Configuration file syntax</a></li>
89 <li><a href="ch-config.html#s-directives">4.2 Configuration file directives</a></li>
90 <li><a href="ch-config.html#s-configerrors">4.3 Errors in the configuration file</a></li>
91 <li><a href="ch-config.html#s-defaults">4.4 Defaults</a></li>
93 <li><a href="ch-ipass.html">5 Information passed through the client/daemon combination</a></li>
94 <li><a href="ch-notes.html">6 Applications and notes on use</a></li>
96 <li><a href="ch-notes.html#s-examples">6.1 Examples</a></li>
97 <li><a href="ch-notes.html#s-standards">6.2 Standard services and directory management</a></li>
98 <li><a href="ch-notes.html#s-reducepriv">6.3 Reducing the number of absolutely privileged subsystems</a></li>
99 <li><a href="ch-notes.html#s-noexcess">6.4 Do not give away excessive privilege to <code>userv</code>-using facilities</a></li>
100 <li><a href="ch-notes.html#s-notreally">6.5 <code>userv</code> can often replace <code>sudo</code>, but not <code>really</code></a></li>
101 <li><a href="ch-notes.html#s-stdinerr">6.6 Error handling and input streams (eg stdin)</a></li>
102 <li><a href="ch-notes.html#s-nogeneral">6.7 Don't give access to general-purpose utilities</a></li>
108 [ <a href="ch-notes.html">previous</a> ]
109 [ <a href="index.html#contents">Contents</a> ]
110 [ <a href="ch-intro.html">1</a> ]
111 [ <a href="ch-client.html">2</a> ]
112 [ <a href="ch-envir.html">3</a> ]
113 [ <a href="ch-config.html">4</a> ]
114 [ <a href="ch-ipass.html">5</a> ]
115 [ <a href="ch-notes.html">6</a> ]
116 [ <a href="ch-intro.html">next</a> ]
121 User service daemon and client specification
125 Ian Jackson <code><a href="mailto:ian@davenant.greenend.org.uk">ian@davenant.greenend.org.uk</a></code>