Re: [gomd-devel] <SCX> working on Secured Cluster-wide eXecution => help

gomd-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gomd-devel] <SCX> working on Secured Cluster-wide eXecution => help

From:	rbaardman
Subject:	Re: [gomd-devel] <SCX> working on Secured Cluster-wide eXecution => help!!!
Date:	Mon, 8 Sep 2003 08:42:51 +0200
User-agent:	Internet Messaging Program (IMP) 3.1

Hi

> Should we provide support to execute programs exiting in a few millisecs
> (like "ls") or support
> _also_ commands requiring long time before quitting (like "updatedb")?

Long programs too imho. Should enable a whole lot of possibilities.

> I'd like to implement the second type but there could be security holes on
> this approach.

Yes. We might come to the point where we would want to implement users 
instead of host-based ACL's. Imho, as gomd grows and becomes more and more 
in control of the host it is running on, security should become a bigger 
issie. Stuff like buffer-overflows should not happen (relax, they don't 
atm :) and we should more focus on what it _shouldn't_ do (security-wise_ 
than we might do now. Also, I think we should always keep in mind the 
situation when gomd runs as unprivilidged user. 

> Moreover I've a problem with the output of these progs.
> We can't make the user to wait for the program output, isn't it?

Exactly :)

> My (unsuccessful) attempt:
> I fork gomd to execute program ina  separate process.
> I do this so gomd is not forced to waits for program exit.

Yes, as I read somewhere, bash does the same. It spawns a process by fork() 
and executes a program in that process.

> But I need the output of teh program.
> 
> The answer should be the pipe.
> So I tried with exec*() family and popen() but, IHMO, the result is not
> good.
> I correctly get the process output but I have no idea how to pass it to
> the
> parent process (the "real" gomd main process) so the parent can't return
> it
> to the user.
> Any idea?
> I don't want to use shmem or something like that...

Hm...you could use sockets for that. Internal sockets I mean by that. Afaik 
those work under oM. Also, I heard that you could use pipelines within your 
program. I will check this for you at school today :)

cheers, 

Roel "roeles" Baardman


-- 
_____________________________________________________________________
Snel en voordelig ADSL nu voor iedereen bereikbaar.
Zon Breedband Budget vanaf EUR 14,95 per maand.
Nu tijdelijk geen aansluitkosten. Bestel snel op zonnet.nl/breedband

[Prev in Thread]

Current Thread

[Next in Thread]

[gomd-devel] <SCX> working on Secured Cluster-wide eXecution => help!!!, Gian Paolo Ghilardi, 2003/09/07
- [gomd-devel] Re: <SCX> working on Secured Cluster-wide eXecution => help!!!, Matthias Rechenburg, 2003/09/08
- Re: [gomd-devel] <SCX> working on Secured Cluster-wide eXecution => help!!!, rbaardman <=
- Re: [gomd-devel] <SCX> working on Secured Cluster-wide eXecution => help!!!, Johnny Cache, 2003/09/09

Prev by Date: [gomd-devel] Re: <SCX> working on Secured Cluster-wide eXecution => help!!!
Next by Date: Re: [gomd-devel] <SCX> working on Secured Cluster-wide eXecution => help!!!
Previous by thread: [gomd-devel] Re: <SCX> working on Secured Cluster-wide eXecution => help!!!
Next by thread: Re: [gomd-devel] <SCX> working on Secured Cluster-wide eXecution => help!!!
Index(es):
- Date
- Thread