Re: Distributed objects: connecting to a process running as root?
Re: Distributed objects: connecting to a process running as root?
- Subject: Re: Distributed objects: connecting to a process running as root?
- From: James Bucanek <email@hidden>
- Date: Sat, 29 Apr 2006 14:06:19 -0700
Andrei Tchijov wrote on Saturday, April 29, 2006:
>If your daemon does not need any additional privileges which come as
>a result of running as root, than you can actually "downgrade" your
>daemon to ANY user using setuid() function (man setuid for more
>info). This probably will be good idea, because you should not have
>pieces running as root if you do not want/need extra privileges.
Besides the issues that Jordan pointed out, this wouldn't solve my problem anyway. This needs to be a single/centralized scheduling coordinator for all users using this system. If a NSConnect can't connect to a process with a different user ID, then changing user IDs doesn't really fix the problem. I just end up with a server that only one user can connect to.
>Alternatively, if you are can use DO which employes "normal" (TCP/IP)
>sockets (I believe I read somewhere that it is possible), than most
>likely you will not have any difficulties connecting from user
>process to root server - because TCP/IP sockets do not have concept
>of "user".
I've considered using IP ports for this, and plan to do so for the distributed/network version of the app, but really wanted to avoid it for inter-process communications.
--
James Bucanek
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden