Hal Rosenstock a écrit :
On Thu, 2007-04-26 at 01:02, Michael S. Tsirkin wrote:
There also some few commands (ib*.pl) that are using a file
/tmp/ibnetdiscover.topology. I suggest /var/cache/ibnetdiscover.topology
I'm not sure about this one. I need to think about this more.
Not sure about the best placement, but surely a predictable name
in a world-writeable directory is a security risk?
Is /var/cache world writeable ? I thought it was just world readable. If
this were to be done, I would think the opensm directory underneath this
would be more appropriate but I'm not leaning towards doing this since I
think the current approach is more flexible and the topology can be
supplied to all needed commands/scripts.
-- Hal
/var/cache is word readable. But the perl command which generate
/tmp/ibnetdiscover.topology are using ibnetdiscover command
which requires root privilege to work. So you dont need a /var/cache
world writeable directory.
Anyway putting the file in /var/cache does not forbid to make it world
readable.
grego $ ls -ld /var/cache
drwxr-xr-x 7 root root 4096 Feb 13 18:00 /var/cache
grego$ /usr/bin/ibnetdiscover -g
ibpanic: [22849] madrpc_init: can't open UMAD port ((null):0):
(Permission denied)
grego$ ibprintswitch.pl -l
Execution of ibnetdiscover failed with errors
Phil
_______________________________________________
general mailing list
[email protected]
http://lists.openfabrics.org/cgi-bin/mailman/listinfo/general
To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
