
Re: [pcp] PCP Updates: pmlogger AF_UNIX socket for normal users; qa vers

To: Nathan Scott <nathans@xxxxxxxxxx>
Subject: Re: [pcp] PCP Updates: pmlogger AF_UNIX socket for normal users; qa version check bump
From: "Frank Ch. Eigler" <fche@xxxxxxxxxx>
Date: Tue, 11 Mar 2014 21:18:23 -0400
Cc: Dave Brolley <brolley@xxxxxxxxxx>, pcp@xxxxxxxxxxx
Hi -


> [...]  Checking for just the same uid should suffice for
> full-access.  I think we'll also need to allow uid==zero, else we'll
> need to not risk breaking init scripts.

Yes, except that not all pmloggers will run from init scripts.  Maybe
just leave such policies to the config files instead of hard-coding.


> If/when the full-blown authentication exchange is done (like pmcd),
> we should add the user/group ACLs in here too [...]

(I guess, if someday someone can show a need.  I wouldn't rush.)


> > The same-UID one is arguable.  A person may want to prevent accidental
> > runtime modification of his logger, even by his own future processes.
> 
> That doesn't make sense to me.  Said person cannot prevent himself (?!)
> from sending signals to his own pmlogger, which can already cause change
> (e.g. start new volume via sighup, termination via sigkill, etc).

Yeah, I know it's a stretch.  But if we'll make it configurable, this
would fit in fine.  (Plus sighup/sigkill are more noticeable/traced
than pmlc-driven changes.)


- FChE
