Date: Sun, 20 Oct 2002 08:40:02 -0700 (PDT) From: Thomas Hurst <freaky@aagh.net> To: freebsd-ports@FreeBSD.org Subject: Re: ports/43171: Port misc/upclient setgid kmem Message-ID: <200210201540.g9KFe2sA084688@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/43171; it has been noted by GNATS. From: Thomas Hurst <freaky@aagh.net> To: freebsd-gnats-submit@FreeBSD.org Cc: sluggo@unknown.nu Subject: Re: ports/43171: Port misc/upclient setgid kmem Date: Sun, 20 Oct 2002 16:33:27 +0100 Agreed; misc/upclient has no good reason to run as root if it's setgid kmem. It should either setuid() after creating it's pid file, or be started using su to nobody; the rc script will then use killall to terminate it. In fact, all it requires kmem for is to send the system idle percentage. This is liable to be removed, since it's pretty much completely useless (http://uptimes.wonko.com/forums/viewtopic.php?t=58). Let's not forget to remove it if it is (or a method of getting idle time is found that doesn't involve access to kmem). The following patch does not change functionality; it's only negitive point is if the user has more than one process called upclient, it will kill them all. They can always tweak the rc script to their taste, but need to be careful of ports/44253. Maybe installing upclient.sh.sample would be better? --- upclient/files/upclient.sh.old Mon Nov 19 13:07:56 2001 +++ upclient/files/upclient.sh Sun Oct 20 15:51:44 2002 @@ -54,7 +54,7 @@ "${config_path}." exit 72 fi - ${program_path} && + su -m nobody -c "${program_path}" && echo -n " ${program_file}" ;; stop) -- Thomas 'Freaky' Hurst - freaky@aagh.net - http://www.aagh.net/ - IT IS IN PROCESS: So wrapped up in red tape that the situation is almost hopeless. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210201540.g9KFe2sA084688>