Re: if-up hooks not working



<snip>
On Dec 3, 2007 8:33 AM, Dan Williams <dcbw redhat com> wrote:
> Sure; NMD was written before a lot of stuff like SELinux or PolicyKit or
> whatever came along, and really hasn't been touched in a long time.
> What sort of permissions checks would you propose?
>
> Dan

Well, I think that checking that /etc/NetworkManager/dispatcher.d is owned by root and only writable by root and that the files in that dir were executable by root would be adequate. In that situation, NMD would know that everything in that directory was there with root's permission. Of course, there's the possibility that root could put something there that was writable by the wrong person and that person could do something they shouldn't, but I think that in such a situation, that would be solely the sysadmin's fault. Someone who knows enough to use NMD probably knows enough to set sensible permissions.

Whether the permissions checking should be changed to that outright, or made an option, I don't care one way or the other.

Scott


--
===Scott Severance===

Website: http://www.scottseverance.us
Blog: http://blog.scottseverance.us
Phone: (903) 756-8066

Check out the Sermon Illustration Library: http://www.sermonillustrationlibrary.org

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]