Hi,

The child() function in jsvc-unix.c does not seem to behave consistently across 
platforms:

- on Linux, the capabilities and uid are set (in linuxset_user_group()) BEFORE 
java_init() and java_load() are called
- on other platforms, set_user_group() is called AFTER java_init() and 
java_load()

I see that the logic has worked that way since jsvc came over from Tomcat. A 
comment in jsvc-unix.c says that "setuid()/setgid() only apply the current 
thread so we must do it now", but I don't understand that.

Does anyone remember the rationale for this inconsistency? Does it still need 
to work that way?

My specific problem is that, in my Daemon.init() method, I'm trying to read 
files that are owned and readable only by the user invoking jsvc (root, in my 
case), but it can't read those files after linuxset_user_group() is called. 
(One workaround would be to add CAP_DAC_OVERRIDE to CAPS and CAPSMIN.)

Thanks,
Travis
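
Added example, not part of the original message and not code from jsvc: a C sketch of why the order of the privilege drop matters for the root-only files described above. File permissions are checked at open(), so a descriptor opened before the drop stays readable afterwards. The function names, the temp-file path and the choice to drop to the current uid/gid (so the demo runs without root) are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE            /* setgroups() and mkstemp() on glibc */
#include <fcntl.h>
#include <grp.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently switch to uid/gid; returns 0 on success, -1 on failure. */
static int drop_privileges(uid_t uid, gid_t gid)
{
    if (getuid() == uid && geteuid() == uid && getgid() == gid && getegid() == gid)
        return 0;                       /* already the target identity */
    /* Groups first, uid last: setuid() gives up the right to change groups. */
    if (setgroups(1, &gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    if (uid != 0 && setuid(0) == 0)     /* regaining root must now fail */
        return -1;
    return (geteuid() == uid && getegid() == gid) ? 0 : -1;
}

/* Open while still privileged, drop, then read through the kept descriptor. */
static ssize_t read_then_drop(const char *path, uid_t uid, gid_t gid,
                              char *buf, size_t len)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    if (drop_privileges(uid, gid) != 0) {
        close(fd);
        return -1;
    }
    ssize_t n = read(fd, buf, len);
    close(fd);
    return n;
}

int main(void)
{
    /* Constructed sample: a mode-0600 temp file stands in for the root-only file. */
    char path[] = "/tmp/jsvc-order-XXXXXX", buf[32] = {0};
    int fd = mkstemp(path);
    if (fd < 0 || write(fd, "secret", 6) != 6)
        return 1;
    close(fd);
    ssize_t n = read_then_drop(path, getuid(), getgid(), buf, sizeof buf - 1);
    unlink(path);
    return (n == 6 && strcmp(buf, "secret") == 0) ? 0 : 1;
}
```

Run as root with an unprivileged target uid/gid, the same call still returns the file contents, while a fresh open() of the path after the drop fails with EACCES.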

