[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Privilege dropping for rtadvd
Le 07/07/13 01:55, Lars Schotte a écrit :
On Sat, 06 Jul 2013 23:47:46 +0200 Jean-Yves Migeon
If they upgrade the system but forget passwd/group, hmm, they are
shooting themselves in the foot; it is part of the
postinstall/etcupdate dance. IMHO the checks in the code are not
really worth it.
why? either it will run with the user nobody,
The last patch I saw was clearly checking for the presence of _rtadvd,
and if the getpwnam call failed, continue as usual (no setuid, no chroot).
Dropping to nobody is acceptable as failsafe; indeed not as good as
having a dedicated user, but ok. You still have to log for the absence
of _rtadvd though.
or the system can check if the user exists and if not, then create
it. like it does when you install some webserver or software like
that, so i do not see any problem in that
Bad idea for a daemon; it is something more suitable for the package
system rather than the daemon itself.
Main Index |
Thread Index |