[patch, RFC] don't run PCP daemons as root on the Linux platform

To:	pcp <pcp@xxxxxxxxxxx>
Subject:	[patch, RFC] don't run PCP daemons as root on the Linux platform
From:	Mark Goodwin <mgoodwin@xxxxxxxxxx>
Date:	Wed, 04 May 2011 16:57:55 +1000
User-agent:	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110428 Fedora/3.1.10-1.fc14 Thunderbird/3.1.10

[This patch isn't finished yet, but I'm soliciting comments
before I take it any further]

PCP daemons on the Linux platform don't need to be run as the
root user - we can and should reduce the potential for security
issues by running these daemons as a "pcp" user. That includes
pmcd, pmlogger, pmie, pmproxy and PMDAs running as daemons.
This has popped up several times over the years and is something
we really should do before deploying PCP in serious enterprise
level environments.

This patch still needs work in pmdaproc.sh and a few other
areas (configure.in, non-Linux platforms, QA, etc), but it's
functional on Fedora so far as a proof of concept.

--

pcp_user.patch
Description: Text document

<Prev in Thread]	Current Thread	[Next in Thread>
[patch, RFC] don't run PCP daemons as root on the Linux platform, Mark Goodwin <= Re: [pcp] [patch, RFC] don't run PCP daemons as root on the Linux platform, Nathan Scott

Previous by Date:	pcp updates, Ken McDonell
Next by Date:	Re: [pcp] [patch, RFC] don't run PCP daemons as root on the Linux platform, Nathan Scott
Previous by Thread:	I27 ALQUILER PARA GRUPO HOTELERO, La Capitana4
Next by Thread:	Re: [pcp] [patch, RFC] don't run PCP daemons as root on the Linux platform, Nathan Scott
Indexes:	[Date] [Thread] [Top] [All Lists]