Re: FHS compliance and UNIX sockets
Ethan Benson <erbenson@alaska.net> wrote:
> sorry but this is nuts, ssh-agent is not written to be a set[ug]id
> program, making it setuid would be dangerous. it probably would not
> even function correctly. =20
So what? You can write in such a way that the first thing it does is to
create that directory and then immediately drop the privilege. If you're
worried about giving users write permission under /var/run, just make the
socket there and forget about the directory.
--
Debian GNU/Linux 2.2 is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Reply to: