tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jean-frederic clere <jfrederic.cl...@fujitsu-siemens.com>
Subject Re: [Daemon] New commons component
Date Wed, 20 Feb 2002 11:02:35 GMT
Pier Fumagalli wrote:
> 
> "jean-frederic clere" <jfrederic.clere@fujitsu-siemens.com> wrote:
> 
> > Remy Maucherat wrote:
> >>
> >>> "Patrick Luby" <patrick.luby@sun.com> wrote:
> >>>
> >>>> Remy,
> >>>>
> >>>> This is great news!
> >>>>
> >>>> I scanned through the Unix code and noticed that it uses the chmod'ing
> >>>> executables with setuid bits instead of performing a JNI call to the
> >> setuid()
> >>>> and seteuid() C functions before and after binding of a ServerSocket
> >> (i.e. the
> >>>> place you should need root access if you are binding to ports 1 through
> >> 1024).
> >>>> This type of approach eliminates the need for a controller and slave
> >> process.
> >>>
> >>> Then it's not my code... My code was written using setuid() and
> >> seteuid()...
> >>> Actually, the copy I have here also supports CHROOTING of the whole JVM
> >>> process, and real/effective group switching (as we say in Italy, "'na
> >> botte
> >>> de fero").
> >>
> >> There weren't 10 different copies of that code. Just one in j-t-s ;-)
> >> Obviously, I couldn't have written it myself.
> >
> > That Pier's code (in jakarta-commons-sandbox/daemon/src/native/unix/native).
> > Where is the chmod()?
> > The idea of making setuid() and setgid() from the JVM is also possible - I
> > will
> > try it -
> 
> There are way-too-many copies in way-too-many places (three found so far on
> CVS... Shaitz!)... Bah, my fault!!$!^@$(U#!@$%*(@&#$%!)*&%!


Creative Chaos!

> 
>     Pier
> 
> --
> To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message