On Fri, 12 Mar 2010 13:07:44 -0800
Renee Danson Sommerfeld <renee.sommerfeld at sun.com> wrote:
> On Fri, Mar 12, 2010 at 12:01:57PM -0800, Michael Hunter wrote:
> > On Fri, 12 Mar 2010 11:42:27 -0800
> > Renee Danson Sommerfeld <renee.sommerfeld at sun.com> wrote:
> >
> > [...]
> > > Your solution, which I think is reasonable, is to remove the escalate
> > > privs function and just make that part of the to_root() function, and
> > > add a bit of clarification to the comment in nwamd_plumb_interface().
> >
> > Pretty much. New (untested) webrev in same place.
>
> This is mostly what we talked about. But the change in main.c (where
> nwamd_to_root() is immediately followed by nwamd_from_root(), instead
> of the call to drop privs) is pretty gross.
>
> Could we somehow have an initialization thing early, that sets the
> refcounts appropriately, and then just do the nwamd_from_root() here?
I initially was really bothered by this. The tone of the comment came
out of that. But I realized that I could create a separate entry point
that I could hope was used correctly. But if I was going to hope then
I might as well go back to the previous implementation. In the
triangle of efficiency/usability/good looks this solution does
good/good/bad and the other solutions do okay/bad/good. I'm going to
take the function over form answer of old age :) As we just discussed
on the phone I'll update the comment and file a "fine grained priv" RFE.
>
> And looking at this here, I'm a little unhappy with the function names.
> These functions do more than change the uid; the current names are a
> bit misleading. Maybe nwamd_escalate() and nwamd_drop()? Or something
> more along those lines?
I need a new word
one that doesn't say the same thing
one that doesn't make me confuse my users
one that doesn't make me feel thick thick thick.
heh.
maybe nwamd_escalate()/nwamd_deescalate() are the best. They leave the
what unspecified so the question is avoided.
Michael
>
> -renee
