[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: OOM-killer prevention for master kdeinit process
From: Lubos Lunak <l.lunak () suse ! cz>
Date: 2006-08-02 21:21:28
Message-ID: 200608022321.28310.l.lunak () suse ! cz
[Download RAW message or body]
On Wednesday 02 August 2006 22:31, Dirk Mueller wrote:
> On Wednesday, 2. August 2006 17:07, Lubos Lunak wrote:
> > > Now, who's the setuid guru here :)? Is the attached (KDE3) patch ok?
> > > I'd prefer not to have security people going after me.
>
> I would replace the fopen etc stuff with open(). no difference, just less
> stuff to depend on.
>
> What I'm wondering though: is the oom_score adjustment inherited to fork'ed
> childs or is it noninherited?
Ah, damn, of course it is inherited :(. So the adjustment needs to be reset
right after forking. Hmm, I'm not sure we want kdeinit to stay setuid for so
long, so I guess that means another setuid helper. And I suppose that helper
will need some checks to make sure it cannot be misused? Do we have already
something similar I could base this on?
> Also, the additional gid's are not dropped
Does that mean artswrapper is wrong too? I just used that as a base. And I
don't think I really know what to fix :).
> and the uid dropping is inside an #ifdef (which might not be defined outside
> linux).
It is setuid only on Linux, see the Makefile. It could be actually moved
outside, no harm in doing that.
--
Lubos Lunak
KDE developer
---------------------------------------------------------------------
SuSE CR, s.r.o. e-mail: l.lunak@suse.cz , l.lunak@kde.org
Drahobejlova 27 tel: +420 2 9654 2373
190 00 Praha 9 fax: +420 2 9654 2374
Czech Republic http://www.suse.cz/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic