On Mon, Jan 25, 2010 at 09:48:57PM +0100, Håkan Johansson wrote:
On Mon, 25 Jan 2010, Bill Unruh wrote:
I am not sure that this is a good idea, since this would allow anyone to send
rogue data to the shm driver. It would be better to leave it at 0600 for the
chrony user ( or for root if you are using root), and let root change it if
the sysadmin wants to allow anyone to write to the shm, or at most make it a
configuration option.
It becomes a configuarion option in the sense that segments 0 and 1
use permissions 0600 and only segments 2 and 3 use 0666, so the
level of trust can then be selected that way.
I agree with Bill. This seems dangerous.
It is not clear to me what the scenario is where someone
other than root should be able to send data to this driver.
My scenario is that I am user on some systems where I will not get
root permissions, so I cannot modify/restart/etc the ntpd/chronyd
process, which I do not need. But the sysadmins would entrust me to
run e.g. gpsd to provide reference data. This is useful for the
further testing of gpsd I am doing, and the need to modify/restart
gpsd doing that.
If the sysadmins are willing to configure ntpd/chronyd to use SHM, I
think you can ask them to create the segment before starting the
service with any permissions you want, e.g. 600 with your user as the
owner.