On Tue, 24 Mar 2009 15:42:46 +1100, Ben Finney
<bignose+hates-s...@benfinney.id.au> wrote:
Jean-Paul Calderone <exar...@divmod.com> writes:
[snip]
An additional feature which would be useful for the library to
provide, however, would be the setting of euid and egid instead of
uid and gid. This is necessary, for example, to write an SSH daemon
which gives out user shells.
That sounds rather more specific than is needed for the generic
library being proposed here. I'm wary of adding features to an API
that is already quite complex.
Isn't setting the EUID and EGID something that is just as easily done
*after* the program achieves a daemon process?
That depends.
If you mean that one can ignore the uid and gid setting features of the
proposed library so that they are not changed during daemonization and
then make the appropriate calls from the application afterwards, then
yes.
Otherwise, no. Since this means all of your daemon startup code is forced
to run as a privileged process when it might otherwise have run without
those privileges, I think it's worth the tiny additional complexity it
will bring to the API (and it really is pretty tiny, something on the order
of a new `set_effective=True´ flag).
Jean-Paul
--
http://mail.python.org/mailman/listinfo/python-list
