Re: FHS compliance and UNIX sockets
Brian May <bam@debian.org> wrote:
>>>>>> "Herbert" == Herbert Xu <herbert@gondor.apana.org.au> writes:
> Herbert> Yes, but presumably there is a daemon process which runs
> Herbert> under a single uid.
> Not for ssh-agent. Exactly one daemon is started for every user who
> requires it. These daemons must be independent of each other (security
> reasons).
In that case, make ssh-agent setuid a new user who owns /var/run/ssh.
Then ssh-agent can create a directory under it for the user invoking
it and make it owned by that user. The rest is trivial.
--
Debian GNU/Linux 2.2 is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Reply to: