On Wed, Aug 18, 2010 at 04:01:52PM -0000, exar...@twistedmatrix.com wrote: > On 03:35 pm, p.may...@imperial.ac.uk wrote: > >On 18/08/10 10:25, twisted-...@udmvt.ru wrote: > >>I think --uid option is too dangerous. > >>sudo or su or setuidgid (from http://cr.yp.to/daemontools.html) is > >>more > >>appropriate for changing uids. > > > >In all cases? I think not. > > Making the directory world writeable is certainly insane and dangerous. > But in the case where the directory is only writeable by the user the > daemon is going to run as, and access to that user is restricted, I > don't see a problem. The problem is that you trust that user an ability to destroy any root-writeable file contents, but you most likely do not realize that, so you most likely don't take any extra measures to protect yourself. For "most of the cases" it could be OK, but for the minority of others it would be a disaster.
-- Alexey. _______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python