|
From: | John Collins (personal) |
Subject: | Re: [help-gnubatch] gbch-xq |
Date: | Mon, 25 Oct 2010 10:16:32 +0100 |
User-agent: | Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.11) Gecko/20101006 Lightning/1.0b2 Thunderbird/3.1.5 |
On 25/10/10 06:34, Jan Schampera wrote:
Reuti wrote:The solution is to stop using message queues which is exactly what I'm doing in the new version. That is the only reason currently to hang on to set-user to gnubatch as message queues have no "open" equivalent which does the permission check once at the beginning - message queues check the send or receive operation against the EUID on every call. Obviously if you make the message queue wide open you've got a nice big security hole. And message queues are expensive and a pain in other respects in that other applications can saturate the available pool of messages in the kernel and cause gnubatch to fall over because it can't send any. (This is less of a problem on Linux than most UNIX versions). --
John Collins address@hidden Phone: +44 (0)1707 883174 Mobile: +44 (0)7958 387247 Work Phone: +44 (0)1707 886110 3 Mandeville Rise, Welwyn Garden City, Herts, AL8 7JT, UK |
[Prev in Thread] | Current Thread | [Next in Thread] |