Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6

To:	"Frank Ch. Eigler" <fche@xxxxxxxxxx>
Subject:	Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc
From:	Nathan Scott <nathans@xxxxxxxxxx>
Date:	Thu, 20 Feb 2014 17:56:25 -0500 (EST)
Cc:	pcp@xxxxxxxxxxx
Delivered-to:	pcp@xxxxxxxxxxx
In-reply-to:	<y0meh2xmtb9.fsf_-_@xxxxxxxx>
References:	<52FE5058.4030702@xxxxxxxxxx> <y0mmwhoqu69.fsf@xxxxxxxx> <757832688.10280462.1392753861578.JavaMail.zimbra@xxxxxxxxxx> <896174788.10421447.1392770006295.JavaMail.zimbra@xxxxxxxxxx> <5304D039.9010708@xxxxxxxxxx> <1347098955.12246278.1392874951684.JavaMail.zimbra@xxxxxxxxxx> <530612EC.8020206@xxxxxxxxxx> <y0meh2xmtb9.fsf_-_@xxxxxxxx>
Reply-to:	Nathan Scott <nathans@xxxxxxxxxx>
Thread-index:	mnCo+Sj1k38nSmX1Xb9GIGmjgBipKQ==
Thread-topic:	pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc


----- Original Message -----
> [...]
> To secure pmlogger across AF_UNIX, it's not enough to put the sockets
> into variously owned owned directories.  /var/lib/pcp/tmp is currently
> world-readable, and the socket's own permissions may or may not be

Its /var/lib/pcp/tmp/pmlogger though isn't it?  We could install that 770
with no trouble, nowadays, I think...?  (and likewise for pmie)

cheers.

--
Nathan

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [pcp] PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, (continued) Re: [pcp] PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Dave Brolley Re: [pcp] PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Nathan Scott Re: [pcp] PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Dave Brolley pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Frank Ch. Eigler Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Ken McDonell Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Nathan Scott Re: pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Frank Ch. Eigler Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Nathan Scott Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Frank Ch. Eigler pmie hostname handling bugs (was Re: [pcp] pmlc access control, was [something else again]), Nathan Scott Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Nathan Scott <= Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Dave Brolley Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Nathan Scott Re: [pcp] pmlc access control, Nathan Scott Re: [pcp] PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Nathan Scott Re: [pcp] PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Dave Brolley

Previous by Date:	Re: pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Frank Ch. Eigler
Next by Date:	Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Nathan Scott
Previous by Thread:	pmie hostname handling bugs (was Re: [pcp] pmlc access control, was [something else again]), Nathan Scott
Next by Thread:	Re: [pcp] pmlc access control, was Re: PCP Updates: qa fallout from ipv6/unix sockets for pmlogger and pmlc, Dave Brolley
Indexes:	[Date] [Thread] [Top] [All Lists]