[ovs-dev] [v3 05/10] lib/daemon: all daemons works with the --user option
Ben Pfaff
blp at nicira.com
Fri Sep 18 19:53:16 UTC 2015
On Mon, Sep 14, 2015 at 03:54:09PM -0700, Andy Zhou wrote:
> All daemons launched by root can drop their privilege using
> --user option. See man page update form more details.
>
> Signed-off-by: Andy Zhou <azhou at nicira.com>
What worries me about this is that it relies on developers to remember
to add a call to daemon_become_new_user() to every daemon. If we forget
one, it's a security hole: --user will be silently ignored.
Is it possible to integrate daemon_become_new_user() into some other
function that has to be called for daemonization to work? For example,
can we integrate it into daemon_start()? Or can we at least avoid the
security hole by, say, aborting in daemonize_complete() if
daemon_become_new_user() hasn't been called?
More information about the dev
mailing list