Re: [PATCH] Drop root privileges (if we have them)

--- Zygmuntowicz Michal <m.zygmuntowicz@onet.pl> wrote:
> I think we can use PWLib PProcess::SetUserName() and
> PProcess::SetGroupName().

I will need to check that they "Do The Right Thing"
first. This is supposed to be a security feature,
after all.

> Also, both uid and gid should be configurable.

The group is already configurable, via the OS. I don't
think that it's a good idea to allow the operator to
specify a group to which the chosen user does not
belong. At the moment, it reads the group ID that has
been preassigned to the user ID.

> The last problem is that if you specify
> username/groupname from the config file, then gk
> trace file will have uid/gid set to the original
> user, because it is created before config file is
> initialized.

True. I solved this problem by creating a special
subdirectory for the GateKeeper to put its trace file
into:

# mkdir /var/log/gnugk
# chown gnugk:gnugk /var/log/gnugk

This is also true of the PID file, of course:

# mkdir /var/run/gnugk
# chown gnugk:gnugk /var/run/gnugk

> But I think it can be solved
> by writing a small routine that will read
> username/groupname from the config file
> before regular initialization is performed.

Err, the command line arguments are parsed before even
the configuration file is read, so there's no need to
consult the config file here at all. And since the
"run as user" -u option is OS-related rather than
GateKeeper-functionality-related (rather like the -o
and --pid options), I'm not sure that it belongs in
the config file any more than -o and --pid do.

> As config variables I would recommend:
> 
> [Gatekeeper::Main]
> # user can be specified either by his name or by his
> uid prefixed with '#' (like '#0' for root)
> RunAsUser(or maybe DaemonUser)= 

Why would anyone need the '#uid' mode, when a user
name is perfectly sufficient? There are no users with
a uid but no name, so what does this add in practical
terms? (You might just as well ask that the uid be
writable in binary, octal or hex, too.)
 
> Also I would rather skip test for IsPrivilegedUser()
> - is it necessary?

Yes, because only a privileged user can drop
privileges in the first place. Otherwise, the user is
going to see some worrying but unnecessary error
messages.

> Would like to provide the improved patch?

I shall investigate,
Cheers,
Chris
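The privilege drop this thread is discussing, written out as an added C example against the plain POSIX calls rather than the PWLib wrappers. It is not code from the GNU Gatekeeper project or from either poster. It takes the user name only (no '#uid' form), reads the group preassigned to that user from the password database, and performs the "are we privileged at all?" check up front so an unprivileged start does not produce error messages. The account name "nobody" used in main is an assumed example.

```c
/* Permanent root-privilege drop to a named unprivileged account. */
#define _DEFAULT_SOURCE
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

#ifdef __linux__
/* glibc prototype, repeated so the block builds under strict -std=cXX too */
int setgroups(size_t size, const gid_t *list);
#endif

/* Equivalent of the IsPrivilegedUser() test: only effective uid 0 can
 * change uid/gid, so anyone else has nothing to drop. */
int is_privileged_user(void) {
    return geteuid() == 0;
}

/* Resolve a user name to its uid and to the primary gid that the OS has
 * preassigned to it (the passwd entry). Returns 0, or -1 if no such user. */
int lookup_user(const char *name, uid_t *uid, gid_t *gid) {
    struct passwd *pw = getpwnam(name);
    if (pw == NULL)
        return -1;
    *uid = pw->pw_uid;
    *gid = pw->pw_gid;
    return 0;
}

/* Drop privileges to 'name'. Returns 0 on success, 1 when the process was
 * never privileged (nothing to do, no error), -1 on failure (errno set).
 * Order matters: supplementary groups and primary group must be changed
 * while still root, uid last, then we verify root cannot be regained. */
int drop_privileges(const char *name) {
    uid_t uid;
    gid_t gid;

    if (!is_privileged_user())
        return 1;
    if (lookup_user(name, &uid, &gid) != 0) {
        errno = ENOENT;
        return -1;
    }
    if (uid == 0) {                 /* "dropping" to root is not a drop */
        errno = EINVAL;
        return -1;
    }
    if (setgroups(1, &gid) != 0)    /* discard root's supplementary groups */
        return -1;
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;
    /* Paranoia check: if setuid(0) succeeds the drop was not permanent. */
    if (setuid(0) == 0 || geteuid() != uid || getegid() != gid) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(int argc, char **argv) {
    /* "nobody" is an assumed account name; pass the real one as argv[1]. */
    const char *user = argc > 1 ? argv[1] : "nobody";
    int rc = drop_privileges(user);

    if (rc == 1) {
        fprintf(stderr, "not started as root, no privileges to drop\n");
    } else if (rc < 0) {
        perror("drop_privileges");
        return EXIT_FAILURE;
    } else {
        printf("now running as uid=%u gid=%u\n",
               (unsigned)getuid(), (unsigned)getgid());
    }
    /* Trace and PID files would be opened after this point, which is why
     * the thread pre-creates /var/log/gnugk and /var/run/gnugk owned by
     * the target user. */
    return EXIT_SUCCESS;
}
```

The return code 1 is what lets a caller stay quiet when the daemon was started unprivileged, which is the point made above about IsPrivilegedUser(): without that check the setgid/setuid calls fail with EPERM and the operator sees alarming but meaningless errors. The group is deliberately not a separate parameter; it comes from the passwd entry, so the operator cannot pair a user with a group it does not belong to.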


_______________________________________________
List: Openh323gk-users@lists.sourceforge.net
Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549
Homepage: http://www.gnugk.org/
