Privilege Revocation For setuid programs or daemons Revocation: 1. Use privs to allocate nasty resource ie. SOCK_RAW, reserved port, bpf, /dev/pf, utmp... 2. Use chroot() if possible 3. Revoke privs Doable in simple programs ping, ping6, portmap, rpc.rstatd, rpc.rusersd, pppoe traceroute, traceroute6, rwalld, pppd, spamd, afsd authpf, ftpd, tftpd, httpd, dhcpd, dhclient, mopd, rbootd NOTE: bpf write filters and locking Pretty easy to develop