Re: FHS compliance and UNIX sockets

To: debian-devel@lists.debian.org
Subject: Re: FHS compliance and UNIX sockets
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Tue, 30 Jan 2001 12:14:07 +1100
Message-id: <[🔎] 200101300114.f0U1E7728858@gondor.apana.org.au>
In-reply-to: <aj@azure.humbug.org.au> <[🔎] 20010129164359.C1255@azure.humbug.org.au> <[🔎] 200101290647.f0T6lbF28325@linda.lfix.co.uk> <[🔎] 841ytmpzbx.fsf@snoopy.apana.org.au> <[🔎] 200101290908.f0T980x12876@gondor.apana.org.au> <[🔎] 84k87enhkl.fsf@snoopy.apana.org.au>

Brian May <bam@debian.org> wrote:
>>>>>> "Herbert" == Herbert Xu <herbert@gondor.apana.org.au> writes:

>     Herbert> Yes, but presumably there is a daemon process which runs
>     Herbert> under a single uid.

> Not for ssh-agent. Exactly one daemon is started for every user who
> requires it. These daemons must be independent of each other (security
> reasons).

In that case, make ssh-agent setuid a new user who owns /var/run/ssh.
Then ssh-agent can create a directory under it for the user invoking
it and make it owned by that user.  The rest is trivial.
-- 
Debian GNU/Linux 2.2 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply to:

Follow-Ups:
- Re: FHS compliance and UNIX sockets
  - From: Ethan Benson <erbenson@alaska.net>

References:
- Re: FHS compliance and UNIX sockets
  - From: Brian May <bam@debian.org>

Prev by Date: Re: Problems with using debconf in init script...
Next by Date: Re: Problems with using debconf in init script...
Previous by thread: Re: FHS compliance and UNIX sockets
Next by thread: Re: FHS compliance and UNIX sockets
Index(es):
- Date
- Thread