Some privilege reduction patches

Martin Pitt martin at piware.de
Wed Feb 15 02:21:33 PST 2006


Hi Richard!

Richard Hughes [2006-02-15  9:26 +0000]:
> On 14/02/06, Martin Pitt <martin at piware.de> wrote:
> > Also, it is now reasonable to run some of the helpers with reduced
> > privileges. E. g. the ACPI helper doesn't need root privileges since
> > it can happily read from acpid. This even helps to prevent some race
> > conditions between acpid and hal which apparently crash acpid in
> > Debian in some cases.
> 
> What if you don't have acpid installed? I know a few people (myself
> included) who run hald without acpid, as acpi events are not being
> used by anything else. Wouldn't dropping the privileges stop the addon
> from reading /proc/acpi/event ?

Right, it would. As I said, these are only experimental patches for
now.

It seems that there should be a check:

 * If the acpid.socket exists, then the helper should drop privs and
   use it.

 * Otherwise it should open the kernel interface directly and drop
   privs after that (and just keep the open file descriptor around).

Martin
-- 
Martin Pitt        http://www.piware.de
Ubuntu Developer   http://www.ubuntu.com
Debian Developer   http://www.debian.org

In a world without walls and fences, who needs Windows and Gates?
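
The check proposed in the message above, sketched in C as an added example; it is not code from the HAL patches or from the author. The function names and the unprivileged uid/gid parameters are hypothetical, and both paths are supplied by the caller.

```c
#define _GNU_SOURCE                          /* for setgroups() */
#include <fcntl.h>
#include <grp.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/un.h>
#include <unistd.h>

/* Returns 1 if path exists and is a UNIX socket (acpid is offering events). */
static int have_acpid_socket(const char *path) {
    struct stat st;
    return stat(path, &st) == 0 && S_ISSOCK(st.st_mode);
}

/* Irreversibly drop root: supplementary groups, then gid, then uid.
 * Order matters: after setuid() the process can no longer change groups. */
static int drop_privs(uid_t uid, gid_t gid) {
    if (geteuid() != 0) return 0;            /* already unprivileged */
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0) return -1;
    return setuid(0) == 0 ? -1 : 0;          /* regaining root must fail */
}

static int connect_acpid(const char *path) {
    struct sockaddr_un sa;
    int fd;
    if (strlen(path) >= sizeof(sa.sun_path)) return -1;
    memset(&sa, 0, sizeof(sa));
    sa.sun_family = AF_UNIX;
    strcpy(sa.sun_path, path);
    if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) return -1;
    if (connect(fd, (struct sockaddr *)&sa, sizeof(sa)) != 0) { close(fd); return -1; }
    return fd;
}

/* Returns a readable event fd, or -1. Privileges are dropped on both paths. */
int open_acpi_events(const char *sock, const char *kernel_if, uid_t uid, gid_t gid) {
    int fd;
    if (have_acpid_socket(sock)) {           /* case 1: drop first, then connect */
        if (drop_privs(uid, gid) != 0) return -1;
        return connect_acpid(sock);
    }
    fd = open(kernel_if, O_RDONLY);          /* case 2: open while still root */
    if (fd < 0) return -1;
    if (drop_privs(uid, gid) != 0) { close(fd); return -1; }
    return fd;                               /* only the open descriptor survives */
}
```

A helper would call this once at startup with the acpid socket path (commonly /var/run/acpid.socket) and /proc/acpi/event, then read events from the returned descriptor.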
More information about the hal mailing list