BIND 10 #1381: Dropping root on #213
BIND 10 Development
do-not-reply at isc.org
Wed Nov 9 15:14:57 UTC 2011
#1381: Dropping root on #213
-------------------------------------+-------------------------------------
Reporter: | Owner: jinmei
vorner | Status: reviewing
Type: task | Milestone:
Priority: major | Sprint-20111122
Component: Boss | Resolution:
of BIND | Sensitive: 0
Keywords: | Sub-Project: Core
Defect Severity: N/A | Estimated Difficulty: 0
Feature Depending on Ticket: | Total Hours: 0
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
Changes (by vorner):
* owner: vorner => jinmei
Comment:
Hello
Replying to [comment:3 jinmei]:
> The code basically looks okay, but if you haven't please make sure if
> -u really works as expected on an installed system (this is something
> we don't test (at it's mostly impossible) through our unit and system
> tests).
Right, I tested it, it looks it drops the privileges at the right time and
the programs have the right user. The auth server could use the privileges
sockets and this is what I get from pstree:
{{{
bash───sudo(root)───bind10(vorner)─┬─b10-auth
├─b10-cfgmgr
├─b10-cmdctl───{b10-cmdctl}
├─b10-msgq
├─b10-sockcreator(root)
├─b10-stats
├─b10-stats-httpd
├─b10-xfrin
├─b10-xfrout───2*[{b10-xfrout}]
└─b10-zonemgr───{b10-zonemgr}
}}}
> Some comments on the code:
>
> '''special_component.py'''
> - why is this a TODO? It seems to be a quite trivial addition:
Because I forgot about it 5 minutes after I noted it down to do it later.
Fixed.
Thank you
--
Ticket URL: <http://bind10.isc.org/ticket/1381#comment:5>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list