Hello all,
Another set of proposed patches...
See the contents here (click on each file name in the file list to see the
contents): https://build.opensuse.org/package/show/home:emendonca/oorexx5
- call_setgroups_before_setuid.patch: this is a security precaution against
chroot traversing.
-
De: Moritz Hoffmann
I think a clean solution would be to use UNIX sockets on Linux and similar
systems. I don't know about Mac or Windows but I'm sure there exists something
equivalent. Then, each user would have its own instance of the api daemon that
is accessible using
As far as I remember, there was no api daemon back then. Instead, ooRexx
used shared memory to enable communication between different instanced
belonging to the same user. This is definitely not the way we want things
to work these days as it is hard to maintain and prone to bugs. The current
On Wed, Jul 6, 2016 at 1:47 PM, Michael Lueck
wrote:
> Greetings all,
>
> I was thinking to ask to compare to the pre-ooRexx v4 way of handling
> RXAPI, however...
>
> Moritz Hoffmann wrote:
> > I think a clean solution would be to use UNIX sockets on Linux and
>
Greetings all,
I was thinking to ask to compare to the pre-ooRexx v4 way of handling RXAPI,
however...
Moritz Hoffmann wrote:
> I think a clean solution would be to use UNIX sockets on Linux and similar
> systems. I don't know about Mac or Windows but I'm sure there exists
> something
There's one problem that we're currently not looking at: The api daemon
uses the user name as identifier to separate between different users. The
name is sent in a message from the client to the server which means that it
could be forged, i.e. any user can access any other user's data. It is not
Yes, both ooRexx client program and rxapi would have to know where to look for
the PID file. Unless there is a pre-arranged fall back place, something like
~/.ooRexx/rxapi.pid
> On Jul 6, 2016, at 3:25 AM, Rick McGuire wrote:
>
>
>
> On Wed, Jul 6, 2016 at 6:18 AM,
That could work, but I don’t know that a second file would be needed, couldn’t
the PID file contain both PID and port? I’m also assuming that you would
determine PID by matching effective user ID’s of both ooRexx client and rxapi.
Also going forward this would be a solution for V5, I don’t
On Wed, Jul 6, 2016 at 6:18 AM, Rony G. Flatscher
wrote:
>
> On 05.07.2016 22:43, CVBruce wrote:
>
> Although this gets around the pid file problem, it doesn’t get around the
> port problem, you can still only run one rxapi process per computer. For
> example you
On 05.07.2016 22:43, CVBruce wrote:
> Although this gets around the pid file problem, it doesn’t get around the
> port problem, you can still only run one rxapi process per computer. For
> example you can’t run both 32bit and 64bit rxapi concurrently on the same
> box, even if your have
10 matches
Mail list logo