Re: [chrony-dev] Re: [PATCH] Privilege Separation - Version 2 - Add helper process

On Mon, Nov 16, 2015 at 01:42:27PM +1300, Bryan Christianson wrote:
> I removed all the stuff to actually compile privops, figuring it would show up when the priv helper is used with a driver.
> 
> I have a couple of queries about the next step
> 
> 1. PRIVOPS_ALL is true when any of the function defines is added to config, I think PRV_Initialise() should be called
> from SYS_DropRoot() (guarded by PRIVOPS_ALL) - or would you prefer a call from each driver SYS_xxxxx_DropRoot() ?

If it was used only for root privileges, SYS_DropRoot() would make
sense. If we wanted to use the helper also for getaddrinfo() on Linux
with seccomp filter, it would be running without root privileges
though. I'd leave that up to the system drivers, at least for now.

Instead of defining PRIVOPS_ALL in the header, it could be defined in
the configure script together with the addition of privops.o to
EXTRA_OBJECTS.

Could it be named PRIVOPS_HELPER or something like that?

> 2. Not sure where (or even if) PRV_Finalise() should be called.
