Commit | Line | Data |
---|---|---|
388e0319 MW | 1 | .\" -*-nroff-*- |
2 | .\". | |
3 | .\" Manual for the server | |
4 | .\" | |
5 | .\" (c) 2008 Straylight/Edgeware | |
6 | .\" | |
7 | . | |
8 | .\"----- Licensing notice --------------------------------------------------- | |
9 | .\" | |
10 | .\" This file is part of Trivial IP Encryption (TrIPE). | |
11 | .\" | |
12 | .\" TrIPE is free software; you can redistribute it and/or modify | |
13 | .\" it under the terms of the GNU General Public License as published by | |
14 | .\" the Free Software Foundation; either version 2 of the License, or | |
15 | .\" (at your option) any later version. | |
16 | .\" | |
17 | .\" TrIPE is distributed in the hope that it will be useful, | |
18 | .\" but WITHOUT ANY WARRANTY; without even the implied warranty of | |
19 | .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
20 | .\" GNU General Public License for more details. | |
21 | .\" | |
22 | .\" You should have received a copy of the GNU General Public License | |
23 | .\" along with TrIPE; if not, write to the Free Software Foundation, | |
24 | .\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | |
25 | . | |
26 | .\"-------------------------------------------------------------------------- | |
e99aedcf | 27 | .so ../common/defs.man \" @@@PRE@@@ |
388e0319 MW | 28 | . |
29 | .\"-------------------------------------------------------------------------- | |
0647ba7c | 30 | .TH tripe-privhelper 8tripe "28 April 2008" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption" |
388e0319 MW | 31 | . |
32 | .\"-------------------------------------------------------------------------- | |
33 | .SH "NAME" | |
34 | . | |
35 | tripe-privhelper \- privilege-separation helper program | |
36 | . | |
37 | .\"-------------------------------------------------------------------------- | |
38 | .SH "SYNOPSIS" | |
39 | . | |
40 | This program communicates using a binary protocol over a Unix-domain | |
41 | socket on file descriptor 0. It is not intended to be run | |
42 | interactively. | |
43 | . | |
44 | .\"-------------------------------------------------------------------------- | |
45 | .SH "DESCRIPTION" | |
46 | . | |
47 | The | |
48 | .BR tripe (8) | |
49 | server usually needs superuser privileges in order to open new tunnel | |
50 | devices, through which it collects and emits network packets. To avoid | |
51 | running the whole server as root, the server forks a child process and | |
52 | then drops its own privileges; the child process, which keeps the | |
53 | superuser privileges, runs this program. | |
54 | .PP | |
55 | The | |
56 | .B tripe-privhelper | |
57 | program reads requests for tunnel devices from file descriptor 0, | |
58 | opens and configures each requested device, and sends back its open | |
59 | file descriptor over the same socket (using Unix-domain socket file | |
60 | descriptor passing: see | |
61 | .BR unix (7)). | |
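The descriptor hand-off described above, as an added illustration in C; this is not tripe's own code and does not reproduce its wire protocol. A privileged-side send_fds() attaches one or more open descriptors to a one-byte message with SCM_RIGHTS, an unprivileged-side recv_fd() accepts exactly one descriptor and rejects anything else, and fd_passing_roundtrip() and extra_fd_rejected() run both ends in one process over a socketpair. The function names, the tag byte 0x42 and the pipe that stands in for a tunnel device are all assumptions of the example, chosen so that it runs without superuser privileges.

```c
/* Added example, not tripe's own code: passing open descriptors over a
 * Unix-domain socket with SCM_RIGHTS, the mechanism tripe-privhelper uses
 * to hand tunnel devices to the unprivileged server.  The one-byte tag is a
 * hypothetical stand-in for tripe's binary protocol, and a pipe stands in
 * for a tunnel device so that everything here runs without root. */
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/stat.h>

/* Privileged side: send n descriptors (1..4) plus one data byte, tag;
 * recvmsg needs some ordinary data to carry ancillary data.  0 or -1. */
static int send_fds(int sock, const int *fds, int n, unsigned char tag)
{
  struct msghdr msg; struct iovec iov; struct cmsghdr *cm;
  union { struct cmsghdr hdr; char buf[CMSG_SPACE(4 * sizeof(int))]; } u;
  if (n < 1 || n > 4) return -1;                 /* 4 = capacity of u.buf */
  memset(&msg, 0, sizeof(msg)); memset(&u, 0, sizeof(u));
  iov.iov_base = &tag; iov.iov_len = 1; msg.msg_iov = &iov; msg.msg_iovlen = 1;
  msg.msg_control = u.buf; msg.msg_controllen = CMSG_SPACE(n * sizeof(int));
  cm = CMSG_FIRSTHDR(&msg);
  cm->cmsg_level = SOL_SOCKET; cm->cmsg_type = SCM_RIGHTS;
  cm->cmsg_len = CMSG_LEN(n * sizeof(int));
  memcpy(CMSG_DATA(cm), fds, n * sizeof(int));
  return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Close every descriptor delivered in msg: the kernel has already installed
 * them in this process, so rejecting the message without this leaks them. */
static void close_passed_fds(struct msghdr *msg)
{
  struct cmsghdr *cm; size_t i, n; int f;
  for (cm = CMSG_FIRSTHDR(msg); cm; cm = CMSG_NXTHDR(msg, cm)) {
    if (cm->cmsg_level != SOL_SOCKET || cm->cmsg_type != SCM_RIGHTS) continue;
    n = (cm->cmsg_len - CMSG_LEN(0)) / sizeof(int);
    for (i = 0; i < n; i++) { memcpy(&f, CMSG_DATA(cm) + i * sizeof(int), sizeof(f)); close(f); }
  }
}

/* Unprivileged side: accept exactly one descriptor, storing the data byte in
 * *tag.  Returns the new descriptor, or -1 (after closing whatever arrived)
 * if the control data was truncated or is not a single SCM_RIGHTS int. */
static int recv_fd(int sock, unsigned char *tag)
{
  struct msghdr msg; struct iovec iov; struct cmsghdr *cm; int fd;
  union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(int))]; } u;
  memset(&msg, 0, sizeof(msg)); memset(&u, 0, sizeof(u));
  iov.iov_base = tag; iov.iov_len = 1; msg.msg_iov = &iov; msg.msg_iovlen = 1;
  msg.msg_control = u.buf; msg.msg_controllen = sizeof(u.buf);
  if (recvmsg(sock, &msg, 0) != 1) return -1;
  cm = CMSG_FIRSTHDR(&msg);
  if ((msg.msg_flags & MSG_CTRUNC) || !cm || CMSG_NXTHDR(&msg, cm)
      || cm->cmsg_level != SOL_SOCKET || cm->cmsg_type != SCM_RIGHTS
      || cm->cmsg_len != CMSG_LEN(sizeof(int))) {
    close_passed_fds(&msg);
    return -1;
  }
  memcpy(&fd, CMSG_DATA(cm), sizeof(int));
  return fd;
}

/* Both ends in one process over a socketpair.  The "helper" passes the write
 * end of a pipe (the stand-in tunnel device); the "server" receives a fresh
 * descriptor for the same open file and writes through it.  Returns 1 if the
 * byte comes out of the pipe's read end, else 0. */
static int fd_passing_roundtrip(void)
{
  int sv[2], pfd[2], got, ok = 0; unsigned char tag = 0; char c = 0;
  struct stat a, b;
  if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 0;
  if (pipe(pfd) < 0) { close(sv[0]); close(sv[1]); return 0; }
  if (send_fds(sv[0], &pfd[1], 1, 0x42) == 0) {        /* helper -> server */
    got = recv_fd(sv[1], &tag);                          /* server side */
    if (got >= 0 && tag == 0x42 && got != pfd[1]
        && fstat(got, &a) == 0 && fstat(pfd[1], &b) == 0
        && a.st_dev == b.st_dev && a.st_ino == b.st_ino
        && write(got, "x", 1) == 1 && read(pfd[0], &c, 1) == 1 && c == 'x')
      ok = 1;
    if (got >= 0) close(got);
  }
  close(pfd[0]); close(pfd[1]); close(sv[0]); close(sv[1]);
  return ok;
}

/* Failure mode: a misbehaving peer sends two descriptors where one is
 * expected.  Returns 1 if recv_fd rejects the message, else 0. */
static int extra_fd_rejected(void)
{
  int sv[2], pfd[2], got, ok = 0; unsigned char tag = 0;
  if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return 0;
  if (pipe(pfd) < 0) { close(sv[0]); close(sv[1]); return 0; }
  if (send_fds(sv[0], pfd, 2, 0x42) == 0) {
    got = recv_fd(sv[1], &tag);
    if (got < 0) ok = 1; else close(got);
  }
  close(pfd[0]); close(pfd[1]); close(sv[0]); close(sv[1]);
  return ok;
}
```

Call fd_passing_roundtrip() and extra_fd_rejected() from a main of your own; both return 1 on a working system. The receiving side is where the care goes in a privilege-separated design: the kernel installs passed descriptors before the receiver has looked at the message, so recv_fd() checks MSG_CTRUNC, insists on exactly one SCM_RIGHTS descriptor, and closes anything else that arrived rather than leaving unexpected descriptors open in the unprivileged process.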
62 | . | |
63 | .\"-------------------------------------------------------------------------- | |
64 | .SH "BUGS" | |
65 | . | |
66 | The objective of the privilege separation model is to reduce the attack | |
67 | surface of the code running with superuser privileges to the handling | |
68 | of a simple binary protocol. The program which runs as root is small, | |
69 | but it may still contain bugs. | |
70 | .PP | |
71 | The `unprivileged' portion of the server still runs with the ability to | |
72 | read and write arbitrary data on tunnel devices. In particular, if | |
73 | compromised, it can inject arbitrary packets into the network. This is | |
74 | unfortunately inherent in the nature of a VPN server. | |
75 | . | |
76 | .\"-------------------------------------------------------------------------- | |
77 | .SH "SEE ALSO" | |
78 | . | |
79 | .BR tripe (8). | |
80 | .PP | |
81 | .IR "The Trivial IP Encryption Protocol" , | |
82 | .IR "The Wrestlers Protocol" . | |
83 | . | |
84 | .\"-------------------------------------------------------------------------- | |
85 | .SH "AUTHOR" | |
86 | . | |
87 | Mark Wooding, <mdw@distorted.org.uk> | |
88 | . | |
89 | .\"----- That's all, folks -------------------------------------------------- |