Am Mittwoch, 26. Dezember 2007 17:10 schrieb Michael Schwartzkopff: > Hi, > > under www.linux-ha.org/ha.cf, in section respawn is written: > "SECURITY NOTE: It is a bad security practice to run programs from > Heartbeat as root unless they are prepared to change their user ids once > they're started. None of the programs which come with Heartbeat to be used > with respawn should be run as root." > > In the section about crm the same site says: > "When [crm] set to on, the directive automatically implies: > (...) > respawn root stonithd > respawn root lrmd" (...)
I checked the process table. Both processes seem to change their ids and run as nobody. Sorry for beeing a little bit too fast writing to the mailing list. -- Dr. Michael Schwartzkopff MultiNET Services GmbH Addresse: Bretonischer Ring 7; 85630 Grasbrunn; Germany Tel: +49 - 89 - 45 69 11 0 Fax: +49 - 89 - 45 69 11 21 mob: +49 - 174 - 343 28 75 mail: [EMAIL PROTECTED] web: www.multinet.de Sitz der Gesellschaft: 85630 Grasbrunn Registergericht: Amtsgericht München HRB 114375 Geschäftsführer: Günter Jurgeneit, Hubert Martens --- PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B Skype: misch42 _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
