Date: Sun, 20 Oct 2002 08:40:02 -0700 (PDT)
Message-Id: <200210201540.g9KFe2sA084688@freefall.freebsd.org>
To: freebsd-ports@FreeBSD.org
From: Thomas Hurst
Subject: Re: ports/43171: Port misc/upclient setgid kmem
Reply-To: Thomas Hurst
Sender: owner-freebsd-ports@FreeBSD.ORG

The following reply was made to PR ports/43171; it has been noted by GNATS.

From: Thomas Hurst
To: freebsd-gnats-submit@FreeBSD.org
Cc: sluggo@unknown.nu
Subject: Re: ports/43171: Port misc/upclient setgid kmem
Date: Sun, 20 Oct 2002 16:33:27 +0100

Agreed; misc/upclient has no good reason to run as root if it's setgid kmem. It should either setuid() after creating its pid file, or be started using su to nobody; the rc script will then use killall to terminate it.

In fact, all it requires kmem for is to send the system idle percentage. This is liable to be removed, since it's pretty much completely useless (http://uptimes.wonko.com/forums/viewtopic.php?t=58). Let's not forget to remove it if it is (or a method of getting idle time is found that doesn't involve access to kmem).

The following patch does not change functionality; its only negative point is if the user has more than one process called upclient, it will kill them all. They can always tweak the rc script to their taste, but need to be careful of ports/44253. Maybe installing upclient.sh.sample would be better?

--- upclient/files/upclient.sh.old Mon Nov 19 13:07:56 2001 +++ upclient/files/upclient.sh Sun Oct 20 15:51:44 2002 @@ -54,7 +54,7 @@ "${config_path}." exit 72 fi - ${program_path} && + su -m nobody -c "${program_path}" && echo -n " ${program_file}" ;; stop)

--
Thomas 'Freaky' Hurst - freaky@aagh.net - http://www.aagh.net/ - IT IS IN PROCESS: So wrapped up in red tape that the situation is almost hopeless.
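
Review bot: On the added `su -m nobody -c "${program_path}" &&` line, the path is expanded into a command string that the shell started by su parses a second time, so a program_path containing spaces or shell metacharacters is re-interpreted rather than executed as one word; single-quote it inside the -c string or document that the variable must be a plain path. The -m flag also leaves the caller's environment in place, so the daemon runs as nobody with whatever environment rc had as root, which deserves a comment in the script explaining why -m is needed. The `&&` now tests su's exit status, and the stop) branch lies outside this hunk, so the killall behaviour described in the message cannot be checked from these lines.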
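
The first option named in the message (create the pid file, then setuid()) written out in C as an added example; it is not upclient's code. The function names, the pid-file path passed in, and the choice to leave the gid untouched (so kmem stays readable for the idle percentage) are assumptions.

```c
#define _DEFAULT_SOURCE          /* exposes setgroups() on glibc */
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Write our pid while still privileged. Returns 0 on success, -1 on error. */
int write_pidfile(const char *path)
{
    FILE *f = fopen(path, "w");
    if (f == NULL)
        return -1;
    int ok = fprintf(f, "%ld\n", (long)getpid()) > 0;
    return (fclose(f) == 0 && ok) ? 0 : -1;
}

/*
 * Permanently switch to `uid`. The gid is deliberately left alone: the
 * message says kmem is still needed to read the idle percentage.
 */
int drop_uid(uid_t uid)
{
    if (geteuid() == 0) {
        /* Shed root's supplementary groups (wheel, operator, ...). */
        gid_t keep = getegid();
        if (setgroups(1, &keep) != 0)
            return -1;
    }
    if (setuid(uid) != 0)          /* as root: sets real, effective, saved */
        return -1;
    if (getuid() != uid || geteuid() != uid)
        return -1;
    /* A drop that can be undone is not a drop: root must be unreachable. */
    if (uid != 0 && setuid(0) == 0) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

/* Start-up order suggested in the message: pid file first, then drop. */
int start_unprivileged(const char *pidfile, uid_t uid)
{
    if (write_pidfile(pidfile) != 0)
        return -1;
    return drop_uid(uid);
}
```

Because the pid file is written before the drop, it stays owned by root, so the unprivileged process cannot rewrite it later.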