Re: FR: NetworkManagerDispatcher should fireup scripts owned by any user.



On Sun, 2007-07-08 at 21:02 -0400, Hans Deragon wrote:
> Greetings.
> 
> 
>   [ Resending with a less annoying title and non signed email;
>     Please reply to this email instead to start a thread.
>     My apologies ]
> 
>   I would like to propose a new feature.  The NetworkManagerDispatcher
>   should call any scripts found under NM_SCRIPT_DIR (currently hardcoded
>   to '/etc/NetworkManager/dispatcher.d' directory), regardless of the
>   owner.  Currently, it only executes scripts owned by root.

There is no such directory on my Fedora 7 machine. What version of Linux
is being used?

> 
>   Scripts would be executed with the EUID set to the user owning the
>   script.  This would prevent a user from gaining root privileges.  But with
>   this feature, users without any admin privileges could add their own
>   scripts.  For instance, they could set ssh tunnels when getting
>   connected to a particular network.
> 
>   NM_SCRIPT_DIR would have the sticky bit set, like /tmp.  From chmod
>   man page:
> 
>      When the sticky bit is set on a directory, files in that directory
>      may be unlinked or renamed only by the directory owner as well as
>      by  root or the file owner.  Without the sticky bit, anyone able to
>      write to the directory can delete or rename files.  The sticky bit
>      is commonly found on directories, such as /tmp, that are
>      world-writable.
> 
>   Comments are welcome.
> 
>   If my proposal is welcomed, I could try coding it and submit a
>   patch.  Instead of calling system() directly, a fork would be
>   executed, and the child would perform a setuid() call prior to calling
>   system().  One advantage of forking is that the daemon would never
>   freeze since only the children would call shell commands.  Thus if a
>   shell command loops indefinitely, the main daemon isn't affected.
> 
> 
> Best regards,
> Hans Deragon
--
=======================================================================
First there was Dial-A-Prayer, then Dial-A-Recipe, and even
Dial-A-Footballer. But the south-east Victorian town of Sale has
produced one to top them all. Dial-A-Wombat. It all began early
yesterday when Sale police received a telephone call: "You won't believe
this, and I'm not drunk, but there's a wombat in the phone booth outside
the town hall," the caller said. Not firmly convinced about the caller's
claim to sobriety, members of the constabulary drove to the scene,
expecting to pick up a drunk. But there it was, an annoyed wombat,
trapped in a telephone booth. The wombat, determined not to be had the
better of again, threw its bulk into the fray. It was eventually lassoed
and released in a nearby scrub. Then the officers received another
message ... another wombat in another phone booth. There it was:
*Another* angry wombat trapped in a telephone booth. The constables took
the miffed marsupial into temporary custody and released it, too, in the
scrub. But on their way back to the station they happened to pass
another telephone booth, and -- you guessed it -- another imprisoned
wombat. After some serious detective work, the lads in blue found a
suspect, and after questioning, released him to be charged on summons.
Their problem ... they cannot find a law against placing wombats in
telephone booths. -- "Newcastle Morning Herald", NSW Australia, Aug
1980.
=======================================================================
Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam sbcglobal net
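
The fork-then-setuid() flow proposed in the quoted message, as an added C example; it is not NetworkManager code and not part of either email. The function names (vet_script, drop_privileges, run_script_as_owner) are hypothetical, and the example assumes execve() with a fixed environment in place of system(), plus ownership and mode checks the proposal does not mention.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <grp.h>
#include <pwd.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Accept only a regular file (lstat: a symlink fails S_ISREG) that its owner
 * may execute, nobody else may write, and that has no set-id bits. */
int vet_script(const char *path, struct stat *st)
{
    if (lstat(path, st) != 0 || !S_ISREG(st->st_mode) ||
        (st->st_mode & (S_IWGRP | S_IWOTH | S_ISUID | S_ISGID)))
        return -1;
    return (st->st_mode & S_IXUSR) ? 0 : -1;
}

/* Permanently become `uid`: groups, then gid, uid last. Child process only. */
int drop_privileges(uid_t uid)
{
    if (geteuid() != 0) /* unprivileged caller: can only remain itself */
        return uid == geteuid() ? 0 : -1;
    struct passwd *pw = getpwuid(uid);
    if (!pw || initgroups(pw->pw_name, pw->pw_gid) != 0 ||
        setgid(pw->pw_gid) != 0 || setuid(uid) != 0)
        return -1;
    return (uid != 0 && setuid(0) == 0) ? -1 : 0; /* drop must be irreversible */
}

/* Fork, drop to the script's owner, exec it. Returns exit status or -1. */
int run_script_as_owner(const char *path, char *const argv[])
{
    struct stat st;
    pid_t pid;
    int status;
    if (vet_script(path, &st) != 0 || (pid = fork()) < 0)
        return -1;
    if (pid == 0) {
        char *const envp[] = { "PATH=/usr/bin:/bin", NULL }; /* fixed env */
        /* Sticky bit: only the owner or root can replace the file now. */
        if (drop_privileges(st.st_uid) == 0)
            execve(path, argv, envp);
        _exit(127);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}
```

Every return value of the set*id() calls is checked because a failed drop would otherwise leave the child running the user's script with the daemon's privileges.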



