Le vendredi 10 dÃcembre 2004 Ã 09:31 +0100, Tomas Mraz a Ãcrit :
> On Thu, 2004-12-09 at 23:57 -0800, Jamie Zawinski wrote:
> > In FC3, lsof only seems to work properly if you are root.
> >
> > For example: the "ssh-agent" process is running as "jwz" and has the
> > file "/tmp/ssh-rZlWVC4461/agent.4461" open.
> >
> > If I run "lsof -p `pidof ssh-agent`" as root, it shows me this; if I run
> > it as jwz, it does not. This is wrong, since all processes and files
> > are owned by the same non-root user.
> I can confirm this too and it seems to me to be a bug.
>
> > I assume this is because of newly-paranoid permissions on
> > /proc/*/fd (in FC3, those are all owned by root instead of the
> > user running the process.)
> Not all processes have these owned by root. I think it happens only on
> such processes which changed it's uid
$ ll /usr/bin/ssh-agent
-rwxr-sr-x 1 root nobody 58332 sep 21 06:56 /usr/bin/ssh-agent
^
Why ?
Come from the .spec file :
%attr(2755,root,nobody) %{_bindir}/ssh-agent
> from root during their lives.
> The question is if this change was intentional and what was the reason
> for it if yes.
>
Because the process can read files with group == nobody.
> --
> Tomas Mraz <tmraz@xxxxxxxxxx>
>
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
