[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hey Theo!

To: Pawel Jakub Dawidek <nick@garage.freebsd.pl>
Subject: Re: Hey Theo!
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Sun, 04 Aug 2002 15:53:32 -0600
Cc: tech@openbsd.org
References: <20020802210705.GF1709@garage.freebsd.pl> <200208022231.g72MVXdS011444@xerxes.courtesan.com> <20020804194005.GB25898@garage.freebsd.pl>

In message <20020804194005.GB25898@garage.freebsd.pl>
	so spake Pawel Jakub Dawidek (nick):

> Cron file are owned by users, so all tests, openning file, etc. could
> be done without uid 0. We can just take file name from /var/cron/tabs/
> get user's uid, call fork() and setuid(his_uid); setgid(crontab_gid).
> And now we could try to open this file and made all tests.

I suppose cron could fork, set ids to the user, read in the crontab,
and then pass the data to the parent over a socketpair.  Since we
hace O_NOFOLLOW and O_NONBLOCK there doesn't seem to be a lot to
gain from this approach but I'll think about it.  The parent would
need to timeout and kill the child if it stopped responding too.

 - todd

Follow-Ups:
- Re: Hey Theo!
  - From: Pawel Jakub Dawidek <nick@garage.freebsd.pl>

References:
- Hey Theo!
  - From: Pawel Jakub Dawidek <nick@garage.freebsd.pl>
- Re: Hey Theo!
  - From: "Todd C. Miller" <Todd.Miller@courtesan.com>
- Re: Hey Theo!
  - From: Pawel Jakub Dawidek <nick@garage.freebsd.pl>

Prev by Date: Re: sendmail and libmilter
Next by Date: Re: Hey Theo!
Prev by thread: Re: Hey Theo!
Next by thread: Re: Hey Theo!
Index(es):
- Date
- Thread