Hi, On Fri, Aug 26, 2016 at 06:11:36PM +0200, David Sommerseth wrote: > On 26/08/16 15:14, Gert Doering wrote: > > If we keep the other one (Arne had some reservations because the amount > > of code in the "now-privileged" part is bigger than "just bind"), then > > this is a working fix - so, conditional ACK. > > If you look at the diff with these two patches and without, you > basically move the do_uid_gid_chroot() from above > do_init_server_poll_timeout() to down below do_init_2(). So this last > patch just ensures the order of do_init_server_poll_timeout() and > do_init_2() is preserved.
I understand that :-) - the point isn't the timeout initialization, but
Arne had reservations about do_init_2() being "too big" - which is why
the original patch from James wasn't merged months ago.
(Unfortunately we only discussed this on IRC, not formally on the list,
so it never made a "true NAK")
But maybe the point is somewhat moot - now, only part of the code
runs privileged, while before that, people needing privileged ports
had to run *everything* privileged...
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
signature.asc
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
