On Thu, Jul 17, 2008 at 12:51:02PM +1000, Simon Burge wrote: > Bill Stouder-Studenmund wrote: > > > A cleaner way to do this is, back whe you know the path, do a getfh() on > > the path and get the file handle. Then fhopen() works for you. And if > > you're a backup daemon, chances are you're running as root already. > > Just to get picky on the last sentence, I do my dump(8) backups as group > operator, not as root. :) Hmmm.... I'm not sure if that's more secure or not. The process's not running as root, but "operator" has to be given fairly inimate access for dump to work. If we had "capabilities", I think getfh() and fhopen() would each make good capabilities. Take care, Bill
Attachment:
pgpRVtXJ_MoCl.pgp
Description: PGP signature