[Pm-utils] [RFC] [patch review] Hook independence and security fixups, part 1
Victor Lowther
victor.lowther at gmail.com
Fri Feb 1 10:07:35 PST 2008
After the intense (for this list, anyways) discussion, I am a little
hesitant to ask for comments on yet another patch series, but I am
going to anyways.
One of the topics that came up was getting most of the suspend/resume
hooks out of mainline pm-utils. This is an agreeable goal to me, but
there are several prerequisites that need to be met if we want to
stand a decent chance of making it work.
The first thing we need is a stable API that hook-writers can do use
to perform their task, and an infrastructure that enforces the
independence of the hooks. The attached patch series is a first-pass
attempt at accomplishing that goal.
What this patch series does:
* Split pm/functions into 2 files -- pm/functions and pm/pm-functions.
* pm/functions provides the API that the hooks can use to perform
common tasks across sleep/wake cycles, and loosely fulfills the
criteria set out in /pm/HOWTO.hooks. The functions it provides do
their best to enforce hook independence -- hooks cannot see
configuration information intended for other hooks, nor can they
change information saved for the use of other hooks if they follow the
API.
* pm/pm-functions is designed for use by scripts in the pm-utils
package (currently pm-action and pm-powersave). It provides common
functionality that those scripts use, handles exporting global
variables for use by the hooks, and provides a mechanism to allow
pm-utils to support things like tuxonice and uswsusp with minimal
changes.
* Modifies the current hooks and scripts to take these changes into account.
* Does some basic security fixups -- we not refuse to execute or
source anything owned by a different UID than we are running as, and
we refuse to overwrite the logfile if it is a symlink or if it exists
and is not owned by us.
Patches apply cleanly on top of current git head, and the changes are
also available on the vlowther-security-audit branch @
git://fnordovax.org/pm-utils/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Adding-security-changes-to-pm-functions.patch
Type: text/x-diff
Size: 7372 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0016.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Hook-fixups-for-security-and-style-part-1.patch
Type: text/x-diff
Size: 2044 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0017.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-Minor-quotation-fixes-modified-90clock-to-just-pass.patch
Type: text/x-diff
Size: 1094 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0018.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0004-Minor-quotation-fixups-in-on_ac_power.patch
Type: text/x-diff
Size: 1202 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0019.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0005-Minor-quotation-fixes-in-pm-action.patch
Type: text/x-diff
Size: 549 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0020.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0006-Minor-quotation-fixups-in-pm-powersave.patch
Type: text/x-diff
Size: 734 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0021.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0007-Enable-tracing-with-set-x-when-PM_DEBUG-true.patch
Type: text/x-diff
Size: 591 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0022.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0008-Information-hiding-in-functions.-THis-should-cut-do.patch
Type: text/x-diff
Size: 8561 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0023.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0009-Split-out-functions-into-functions-and-pm-functions.patch
Type: text/x-diff
Size: 13525 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0024.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0010-Removed-zzz-hook-changes-in-run_hooks-and-the-way.patch
Type: text/x-diff
Size: 770 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0025.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0011-Replaced-tests-for-f-with-O-in-pm-functions-and-pm.patch
Type: text/x-diff
Size: 2803 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0026.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0012-A-couple-more-file-ownership-fixups-and.patch
Type: text/x-diff
Size: 1816 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0027.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0013-Modify-pm-functions-to-allow-suspend-hibernate-suspe.patch
Type: text/x-diff
Size: 1571 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0028.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0014-Forgot-to-remove-zzz-from-pm-sleep.d-Makefile.am.patch
Type: text/x-diff
Size: 617 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0029.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0015-Fix-missing-then-clause-in-pm-pm-functions.patch
Type: text/x-diff
Size: 715 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0030.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0016-Actually-test-for-the-existence-of-alternative-confi.patch
Type: text/x-diff
Size: 824 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/pm-utils/attachments/20080201/e129d247/attachment-0031.patch
More information about the Pm-utils
mailing list