Date: Thu, 7 Jun 2012 09:27:59 +0200
From: Ed Schouten <ed@80386.nl>
To: Pawel Jakub Dawidek <pjd@freebsd.org>
Cc: freebsd-hackers@freebsd.org, Jilles Tjoelker <jilles@stack.nl>, Bryan Drewery <bryan@shatow.net>
Subject: Re: [RFC] last(1) with security.bsd.see_other_uids support
Message-ID: <CAJOYFBDK0o7QbUera%2BtTq90yb13xuUvMosK6OzASO7uZqgZmSw@mail.gmail.com>
In-Reply-To: <20120606112011.GB1381@garage.freebsd.pl>
References: <4FCC126C.1020600@shatow.net> <20120605213101.GA13339@stack.nl> <20120606112011.GB1381@garage.freebsd.pl>

2012/6/6 Pawel Jakub Dawidek <pjd@freebsd.org>:
> Any privileged daemon is much bigger threat. Also, do we really want a
> daemon running all the time just to be able to parse utx files?

Well, if you think of it, it's not a very strange idea:

- You can simply get rid of /var/run/utx.active. There's no need for
  this to be written to disk. It can just stay in memory.
- You can use devd to track the destruction of TTYs, so you can
  automatically garbage collect stale entries for pseudo-terminals.
  Right now a `killall -9 xterm' may leave stale entries behind.
- The other files aren't _that_ big. On FreeBSD, utx.log only stores
  entries for the last month. Especially if you implement
  getutxid()/getutxuser() as separate calls, much of the filtering is
  already done by the daemon.

-- 
Ed Schouten <ed@80386.nl>