
Re: security issues and design of pmcd

To: Thomas Biege <thomas@xxxxxxx>
Subject: Re: security issues and design of pmcd
From: fche@xxxxxxxxxx (Frank Ch. Eigler)
Date: Mon, 01 Oct 2012 15:56:13 -0400
Cc: pcp@xxxxxxxxxxx
In-reply-to: <1349091920.14839.47.camel@xxxxxxxxxxxxxxxxxx> (Thomas Biege's message of "Mon, 01 Oct 2012 13:45:20 +0200")
References: <1349091920.14839.47.camel@xxxxxxxxxxxxxxxxxx>
User-agent: Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (gnu/linux)

thomas wrote:

> [...]  Would it be possible to run the code that processes the
> network data without UID and GID 0? [...]

We started thinking about this problem some time ago, and will
start working on it shortly.  My favorite approach so far is to have
pmcd run as an unprivileged user, talking to & managing
differently-privileged PMDA processes as configured (or requested by
an authenticated remote pmcd user).

- FChE
