mDNSMacOSX/README.privsep

   1 On Mac OS X, mDNSResponder now runs with user-ID and group-ID
   2 "_mdnsresponder". In order to perform certain privileged operations, a
   3 helper (unimagintively called mDNSResponderHelper) runs as root when
   4 needed and handles requests from mDNSResponder.
   5
   6
   7 * A new LaunchD job com.apple.mDNSResponderHelper starts
   8   mDNSResponderHelper on demand.  The helper exits after approximately
   9   10 seconds of idle time.
  10
  11 * The com.apple.mDNSResponder LaunchD job specifies the account under
  12   which to run, so that mDNSResponder starts as _mdnsresponder.  When
  13   run as root--- e.g. from the command line with `sudo'---
  14   mDNSResponder drops privileges itself.
  15
  16 * A subdirectory named "mdns" and owned by _mdnsresponder has been
  17   created in /var/run.  The PID file and uDNS server socket has been
  18   moved to that subdirectory.
  19
  20 * There are currently six remote procedure calls handled by
  21   mDNSResponderHelper: mDNSDynamicStoreSetConfig,
  22   mDNSPreferencesSetName, mDNSKeychainGetSecrets,
  23   mDNSAutoTunnelInterfaceUpDown, mDNSConfigureServer, and
  24   mDNSAutoTunnelSetKeys
  25
  26 * mDNSDynamicStoreSetConfig allows mDNSResponder to set the
  27   MulticastDNS, PrivateDNS, or DynamicDNS configurations.
  28
  29 * mDNSPreferencesSetName allows mDNSResponder to set the computer name
  30   or local host name, and displays a notification if there was a
  31   conflict.
  32
  33 * mDNSKeychainGetSecrets causes mDNSResponderHelper to collect DNS
  34   keys from the system keychain.  SetDomainSecrets uses the result to
  35   populate AuthInfoList.  One could refactor this code further so that
  36   mDNSResponderHelper performs all the cryptographic operations, with
  37   the result that a compromise of mDNSResponder does not compromise
  38   keys.  But I think that may be more change than is advisable at this
  39   point.
  40
  41 * On the advice of the Security.framework team, I've used
  42   SecKeychainSetPreferenceDomain to ensure that the system keychain is
  43   references whenever a NULL SecKeychainRef is used.  Wherever a
  44   SecKeychainRef is needed, NULL is now specified.
  45
  46 * mDNSAutoTunnelInterfaceUpDown, mDNSConfigureServer, and
  47   mDNSAutoTunnelSetKeys do various setup and teardown for BTMM.