In the main.c file, there is a comment saying that 'we need to open fifo
before do_suid() and start the fifo server after all the socket are
initialized, to inherit them'. I'm wondering why SER has to do it like that.
Can't SER lower its privileges first (do_suid), then open fifo and start the
fifo server? The reason being that I want to run SER with an unprivileged
user. With the current implementation, the fifo file will be created by root
which is not accessible to anyone else. Unless I change the fifo_mode to
0666, which I don't want to, I can't make SER more secure and yet
accessible.
I've tried moving the do_suid() before init_fifo_server() and it compiled
successfully. The server can run as ser:apache with fifo_mode set to 0660.
That way, my Apache server can talk to SER while other users are kept from
talking directly to SER via serctl. However, I would like to know the reason
why it is implemented the way it is now. Maybe I'm not insightful enough to
see the obvious reason.
Also, will unix_sock get something like unix_sock_mode in the future?
Zeus Ng
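
The ownership problem described in this message, as an added example that is not part of the original email and is not SER code: a FIFO created while still root can be handed to the unprivileged user and group with an exact mode such as 0660 before privileges are dropped. The names `make_fifo_for` and `fifo_mode_of` and the sample path are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not SER code: create a FIFO owned by uid:gid with
 * exactly `mode`, whatever the umask. Meant to run while still privileged,
 * before the drop to uid:gid. Returns 0, or -1 with errno set. */
int make_fifo_for(const char *path, uid_t uid, gid_t gid, mode_t mode)
{
    struct stat st;
    int fd = -1, saved;
    /* Replace a stale FIFO from an earlier run; refuse any other file type. */
    if (lstat(path, &st) == 0) {
        if (!S_ISFIFO(st.st_mode)) { errno = EEXIST; return -1; }
        if (unlink(path) < 0) return -1;
    } else if (errno != ENOENT) return -1;
    /* Start owner-only so nobody else can open it before ownership is set. */
    if (mkfifo(path, 0600) < 0) return -1;
    /* Work on a descriptor rather than the name, and never follow a symlink. */
    fd = open(path, O_RDONLY | O_NONBLOCK | O_NOFOLLOW);
    if (fd < 0 || fstat(fd, &st) < 0) goto fail;
    if (!S_ISFIFO(st.st_mode)) { errno = EINVAL; goto fail; }
    if (fchown(fd, uid, gid) < 0 || fchmod(fd, mode & 0777) < 0) goto fail;
    close(fd);
    return 0;
fail:
    saved = errno;
    if (fd >= 0) close(fd);
    unlink(path);
    errno = saved;
    return -1;
}

/* Permission bits of `path`, or -1 if it cannot be examined. */
int fifo_mode_of(const char *path)
{
    struct stat st;
    return lstat(path, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
}

int main(void)
{
    const char *path = "/tmp/ser_fifo_example"; /* constructed sample path */
    if (make_fifo_for(path, geteuid(), getegid(), 0660) < 0) { perror(path); return 1; }
    printf("%s mode %o\n", path, (unsigned)fifo_mode_of(path));
    return unlink(path) < 0;
}
```

Run unprivileged, it can only assign the caller's own uid and gid; a root-started daemon would pass the ids of the account it is about to switch to.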