[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: chroot/setuid for lilypond (for LSR)
|
From: |
Paul Jarc |
|
Subject: |
Re: chroot/setuid for lilypond (for LSR) |
|
Date: |
Fri, 04 Mar 2005 13:56:38 -0500 |
|
User-agent: |
Gnus/5.110003 (No Gnus v0.3) Emacs/21.4 (gnu/linux) |
Sebastiano Vigna <address@hidden> wrote:
> I think this is a satisfactory solution for people wanting to run lily
> on a server, with greater freedom than that provided by safe mode.
I agree - privilege limitations are already well covered and enforced
by the kernel. Better to reuse that well-tested code than reimplement
it.
> + if (change_root) {
> + if (chroot(change_root)) {
I'd suggest:
if (change_root) {
if (chdir(change_root) || chroot(".")) {
Otherwise, you might use -c alone and be misled into thinking you're
safer than you really are. This also makes -d unnecessary.
paul
Re: chroot/setuid for lilypond (for LSR), Han-Wen Nienhuys, 2005/03/04