On Tue, Jun 30, 2009 at 06:35:45PM +0200, Karel Zak wrote: > > We already try to connect to the uuidd daemon first, and then check > > for the uuidd daemon's existence, before doing the fork/exec. So the > > failure case you are worried about only occurs when (a) the uuidd > > daemon is installed, but (b) the uuidd daemon is not running, and (c) > > it is not installed setuid. > > yes, I care about (c). Well, you need (a), (b), and (c) to be true for there to be a problem. I don't know how often on various distro's that people would install uuidd but not use it; it depends on whether uuidd is packaged up as a separate subpackage or not, I suspect. > > We could add some code that checks to see if daemon is setuid or > > setgid, and if it is not, that the current user has access to > > /var/run/libuuidd (I think a dynamic run-time test is suprior to a > > static compile-time switch). > > Yes. OK, I'll whip up a patch... - Ted -- To unsubscribe from this list: send the line "unsubscribe util-linux-ng" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
