--- Andrey S Pankov <casper@kbuapa.kharkov.ua> wrote: > And what about (NOT implemented yet)?.. > [Gatekeeper::Main] > LogFile= > TraceLevel= > ...which also need to be loaded before config file > is initialized. > If we are root, we can change ownership on logfile > before dropping privileges, We could. > but if we are suid root it is not possible I > think... Yes it is. But we aren't talking about running suid root anyway. > It will be nice to have LogFileMode= option and > PidFile= option, just for > completeness "Just for completeness" is no reason at all. It's just "featuritis" - pointless feature-bloat. > I thing one doesn't need so "descriptive" config > vars, I'd rather like them to > be: > # > # User/Group: The name (or #number) of the > user/group to run GnuGK as. Well, this is moot. But considering the GateKeeper already has a concept of a "User" (as in "caller") then I strongly disagree here anyway. Descriptive is good. It stops users getting confused. > > Also I would rather skip test for > IsPrivilegedUser() - is it necessary? > > One MUST have root privileges to switch (e.g. be > setuid root), but it is not > necessary to check if we are 'root' as > PProcess::SetUserName / SetGroupName() > returns FALSE on failure. The purpose of the setuid() call is not to be "setuid root" but to stop being root *permanently*. As such, we *care* if SetUserName() fails if we are root, and don't expect SetUserName() to work at all if we are not. So it's not enough to check if SetUserName() fails. For reference, setuid() sets the real, effective and saved UIDs all at once, and is what /bin/login does. Chris ________________________________________________________________________ Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://mail.messenger.yahoo.co.uk ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ List: Openh323gk-users@lists.sourceforge.net Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
