FR: NetworkManagerDispatcher should fire up scripts owned by any user.
- From: Hans Deragon <hans deragon biz>
- To: NetworkManager-list gnome org
- Subject: FR: NetworkManagerDispatcher should fire up scripts owned by any user.
- Date: Sun, 08 Jul 2007 21:02:39 -0400
Greetings.
[ Resending with a less annoying title and non signed email;
Please reply to this email instead to start a thread.
My apologies ]
I would like to propose a new feature. The NetworkManagerDispatcher
should call any scripts found under NM_SCRIPT_DIR (currently hardcoded
to '/etc/NetworkManager/dispatcher.d' directory), regardless of the
owner. Currently, it only executes scripts owned by root.
Scripts would be executed with the EUID set to the user owning the
script. This would prevent a user from gaining root privileges. But with
this feature, users without any admin privileges could add their own
scripts. For instance, they could set up ssh tunnels when getting
connected to a particular network.
NM_SCRIPT_DIR would have the sticky bit set, like /tmp. From chmod
man page:
When the sticky bit is set on a directory, files in that directory
may be unlinked or renamed only by the directory owner as well as
by root or the file owner. Without the sticky bit, anyone able to
write to the directory can delete or rename files. The sticky bit
is commonly found on directories, such as /tmp, that are
world-writable.
Comments are welcome.
If my proposal is welcomed, I could give coding it a try and submit a
patch. Instead of calling system() directly, a fork would be
executed, and the child would perform a setuid() call prior to calling
system(). One advantage of forking is that the daemon would never
freeze since only the children would call shell commands. Thus if a
shell command loops indefinitely, the main daemon isn't affected.
Best regards,
Hans Deragon
--
http://www.deragon.biz Open source (contribution):
mailto://hans deragon biz http://autopoweroff.deragon.biz
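As an added illustration of the fork-then-setuid design proposed in the mail (example code, not NetworkManager's and not the author's patch), the following C function runs one dispatcher script with the identity of the file's owner. The names run_script_as_owner, write_script and the single action argument are assumptions of this example; the ownership check, the group drop before the uid drop and the refusal of writable scripts are the details a privilege-dropping dispatcher needs that the proposal only sketches.

```c
#define _DEFAULT_SOURCE
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>
#include <stdio.h>
#include <grp.h>
#include <pwd.h>

/* Run one dispatcher script as the user who owns it (added example, not
 * NetworkManager code). Returns the script's exit status, -1 if the script
 * was refused or the parent failed, 126 if the child could not drop
 * privileges and 127 if exec failed. */
int run_script_as_owner(const char *path, const char *action)
{
    struct stat st;
    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode)) return -1;
    if (!(st.st_mode & S_IXUSR)) return -1;
    /* Refuse group- or world-writable scripts: the sticky bit only stops
     * other users from deleting or renaming the file, not from editing one
     * they can write to, and its contents run with the owner's identity. */
    if (st.st_mode & (S_IWGRP | S_IWOTH)) return -1;

    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        /* Child: drop to the owner. Groups and gid go first, because once
         * setuid() has switched to a non-root user they can no longer change. */
        if (geteuid() == 0) {
            struct passwd *pw = getpwuid(st.st_uid);
            if (pw == NULL || initgroups(pw->pw_name, st.st_gid) != 0) _exit(126);
        }
        if (setgid(st.st_gid) != 0 || setuid(st.st_uid) != 0) _exit(126);
        /* A non-root owner must not be able to get root back. */
        if (st.st_uid != 0 && setuid(0) == 0) _exit(126);
        execl(path, path, action, (char *)NULL);
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Writes a constructed sample script with the given mode, for trying the above. */
int write_script(const char *path, const char *body, mode_t mode)
{
    FILE *f = fopen(path, "w");
    if (f == NULL || fputs(body, f) == EOF || fclose(f) != 0) return -1;
    return chmod(path, mode);
}
```

The parent waits here so the exit status can be checked; a daemon that must never block on a looping script would instead reap children from a SIGCHLD handler, as the proposal intends.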