List Archive: gentoo-dev
On Fri, 2008-03-21 at 10:20 +0000, Roy Marples wrote:
> Hi List.
>
> I've just removed the code to check for euid when running services and instead
> relying on permissions of the service state dir and testing errno. This is a
> good thing, but it does have one side effect.
>
> OpenRC can track daemons by how they were started. So every time you run
> rc-status it tests each reported service to ensure all daemons are up. This
> also works fine unprivileged on normal boxes - except for hardened where
> users can only see their own processes.
>
> This isn't really an easy answer, as we could have installed OpenRC in a
> prefix where this wouldn't apply, but we don't know that either.
>
> Ideas anyone?
err... run rc-status as root?
I mean if you are not supposed to see if a process is running or not as
normal user, then hardned is doin it's job when does not allow rc-status
to show this info to the unprivileged user.
if (!HARDENED || (HARDENED && euid=0) {
/* show if process is running or not */
}
> Thanks
>
> Roy
--
gentoo-dev@g.o mailing list
|
|
