```troff
.\" -*-nroff-*-
.\".
.\" Manual for the server
.\"
.\" (c) 2008 Straylight/Edgeware
.\"
.
.\"----- Licensing notice ---------------------------------------------------
.\"
.\" This file is part of Trivial IP Encryption (TrIPE).
.\"
.\" TrIPE is free software: you can redistribute it and/or modify it under
.\" the terms of the GNU General Public License as published by the Free
.\" Software Foundation; either version 3 of the License, or (at your
.\" option) any later version.
.\"
.\" TrIPE is distributed in the hope that it will be useful, but WITHOUT
.\" ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
.\" FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
.\" for more details.
.\"
.\" You should have received a copy of the GNU General Public License
.\" along with TrIPE.  If not, see <https://www.gnu.org/licenses/>.
.
.\"--------------------------------------------------------------------------
.so ../common/defs.man \" @@@PRE@@@
.
.\"--------------------------------------------------------------------------
.TH tripe-privhelper 8tripe "28 April 2008" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
.
.\"--------------------------------------------------------------------------
.SH "NAME"
.
tripe-privhelper \- privilege-separation helper program
.
.\"--------------------------------------------------------------------------
.SH "SYNOPSIS"
.
This program communicates using a binary protocol over a Unix-domain
socket on file descriptor 0.  It is not intended to be run
interactively.
.
.\"--------------------------------------------------------------------------
.SH "DESCRIPTION"
.
The
.BR tripe (8)
server usually needs superuser privileges in order to open new tunnel
devices, through which it collects and emits network packets.  In order
to prevent the whole system needing to be run as root, the server splits
off a child process and then drops its privileges; the child process
runs this program.
.PP
The
.B tripe-privhelper
program reads requests for tunnel devices on file descriptor 0 and
responds with appropriate file descriptors (using Unix-domain socket
file descriptor passing: see
.BR unix (7))
for correctly configured tunnel devices.
.
.\"--------------------------------------------------------------------------
.SH "BUGS"
.
The objective of the privilege separation model is to reduce the attack
surface for the code running with superuser privileges down to a simple
binary protocol.  There may still be bugs in the small program which
runs as root.
.PP
The `unprivileged' portion of the server still runs with the ability to
read and write arbitrary data on tunnel devices.  In particular, if
compromised, it can inject arbitrary packets into the network.  This is
unfortunately inherent in the nature of a VPN server.
.
.\"--------------------------------------------------------------------------
.SH "SEE ALSO"
.
.BR tripe (8).
.PP
.IR "The Trivial IP Encryption Protocol" ,
.IR "The Wrestlers Protocol" .
.
.\"--------------------------------------------------------------------------
.SH "AUTHOR"
.
Mark Wooding, <mdw@distorted.org.uk>
.
.\"----- That's all, folks --------------------------------------------------
```