pcp
[Top] [All Lists]

PCP Updates: Check user credentials for pmlogger control connections via

To: pcp@xxxxxxxxxxx
Subject: PCP Updates: Check user credentials for pmlogger control connections via AF_UNIX
From: Dave Brolley <brolley@xxxxxxxxxx>
Date: Tue, 18 Mar 2014 12:10:44 -0400
Delivered-to: pcp@xxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
This change implements a simple user credential check for pmlogger control connections via the AF_UNIX socket. The implementation (hopefully!) as discussed in

http://oss.sgi.com/pipermail/pcp/2014-March/004537.html

which is to initially accept connections from root (uid==0) and from the same user as the one running pmlogger. There is a bit of a grey area with the latter, as pmlogger is a setuid program which sometimes sets its effective user to be the 'pcp' user. In this initial implementation, I allowed connections from users with the same uid and euid as pmlogger.

As always the code is on the brolley/dev branch of pcpfans.

Dave
------------------------------------------------------------
commit f06a7f06b614feefea14f27b2723ed8606de9e8f
Author: Dave Brolley <brolley@xxxxxxxxxx>
Date:   Tue Mar 18 11:41:57 2014 -0400

For pmlogger control connections via AF_UNIX, check the connector's credentials.

    This initial implementation allows connections by root and
    by the same user as the one running pmlogger.

<Prev in Thread] Current Thread [Next in Thread>
  • PCP Updates: Check user credentials for pmlogger control connections via AF_UNIX, Dave Brolley <=