Re: Running PCP as non-root

To:	pcp@xxxxxxxxxxx
Subject:	Re: Running PCP as non-root
From:	"Nathan Scott" <nathans@xxxxxxxxxxxxxxxxxxxxxxxx>
Date:	Mon, 23 Oct 2000 12:31:09 -0400
In-reply-to:	Max Matveev <makc@xxxxxxx> "Re: Running PCP as non-root" (Oct 23, 12:18pm)
References:	<20001020100119.A7835@xxxxxxxxxxxxxxxxxxx> <10010221431.ZM84156@xxxxxxxxxxxxxxxxxxxxxxxx> <14835.37374.556589.216686@xxxxxxxxxxxxxxxxxxxxxx>
Sender:	owner-pcp@xxxxxxxxxxx

hi,

On Oct 23, 12:18pm, Max Matveev wrote:
> Subject: Re: Running PCP as non-root
> ...
> As far as changing the model, I don't see the reason (other then
> paranoia) to be non-priveleged because it will mean we would have to
> introduce a concept of "pcp" user (remeber, init scripts are all
> started by root and unless we specifically change uid, we're not going
> to get any advantage here).

could we just become user "nobody" rather than creating a new
"pcp" user?  (and if that failed fall back to root?)

> ... It will also mean that should in the
> future we'd have to make some kind of fancy ioctl-ing, it may not work
> from the non-priveleged user and Linux doesn't have capabilities
> yet. Or does it?
> 

that could be done as a separate (setuid) pmda if the need arose?
- hopefully it wont - and ioctl doesn't always require root...
(just need to be able to open the file passed in thru ioctl arg1).

cheers.

-- 
Nathan

<Prev in Thread]	Current Thread	[Next in Thread>
Running PCP as non-root, lemming Re: Running PCP as non-root, Nathan Scott Re: Running PCP as non-root, Max Matveev Message not available Re: Running PCP as non-root, Nathan Scott <= Re: Running PCP as non-root, Mark Goodwin Re: Running PCP as non-root, lemming

Previous by Date:	Re: Running PCP as non-root, Max Matveev
Next by Date:	Re: Running PCP as non-root, Mark Goodwin
Previous by Thread:	Re: Running PCP as non-root, Max Matveev
Next by Thread:	Re: Running PCP as non-root, Mark Goodwin
Indexes:	[Date] [Thread] [Top] [All Lists]