* Claudio Freire ([email protected]) wrote: > On Mon, Jan 14, 2013 at 1:01 PM, Stephen Frost <[email protected]> wrote: > > I do like the idea of a generalized answer which just runs a > > user-provided command on the server but that's always going to require > > superuser privileges. > > Unless it's one of a set of superuser-authorized compression tools.
Which would require a new ACL system for handling that, as I mentioned..
That certainly isn't what the existing patch does.
What would that look like? How would it operate? How would a user
invoke it or even know what options are available? Would we provide
anything by default? It's great to consider that possibility but
there's a lot of details involved.
I'm a bit nervous about having a generalized system which can run
anything on the system when called by a superuser but when called by a
regular user we're on the hook to verify the request against a
superuser-provided list and to then make sure nothing goes wrong.
Thanks,
Stephen
signature.asc
Description: Digital signature
