Re: Inetd Enhancements - Include Directive

[Mouse <mouse%Rodents-Montreal.ORG@localhost>]

> We plan to use standard C glob() function as well as lstat() (for
> checking for regular files), so that symbolic links will work as
> well.

lstat()?  The rest of that sentence looks to me like a better match for
stat() rather than lstat().

> Any non-regular files (or non-symbolic links to regular files) will
> simply be skipped.

I would argue skipping hardlinks is a msitake.  If I want to share
config files between two inetds running with different root
directories, but on the same filesystem, hardlinking the configs
together strikes me as the obvious way to do it, and I think it should
work.  Almost nothing else insists that a plain file have no more than
one link (and in the few cases that do, I usually consider it a mistake
anyway).

Without a really good - and well-documented - reason, I would consider
such behaviour a bug that needed fixing.

Is there some attack this would stop that you don't see a better way to
stop?  I can't think of any such offhand, so, if so, I'd be interested
in what it is.

> Our current plan is to simply implement a max recursion depth, so
> that inetd will quit if the number of files included exceeds that
> depth.  This will prevent infinite cycles, while potentially allowing
> for a large number of configuration files to be included, but we're
> not sure what a reasonable default number would be.

Suggestion: provide a directive (!depthlimit?) that allows setting the
limit.

Also, what does it mean for inetd to "quit"?  Does it stop recursing,
or does it completely fail to start, or what?  Personally, I'd suggest
treating such a thing as an erroneous configuration, with all that
implies, preferably failing to start if it's the first startup or
griping and continuing with the old config if it's a reload.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B