[Olsr-dev] including wifi stats in jsoninfo

Henning Rogge (spam-protected)
Sat Jun 9 21:23:02 CEST 2012


On Sat, Jun 9, 2012 at 7:19 PM, Hans-Christoph Steiner
<(spam-protected)> wrote:
> It is entirely clear to me that olsrd currently runs as a single process with root privileges.  I was describing how I think olsrd should work, now how it does work.  Having a single process running as root is bad form when this process only needs root access for very few things.  Separating things based on what privileges are needed is what sshd does, for example, and many other daemons.
>
> It would be nice to even use a non-privileged port, so that root is only ever needed for accessing the routing tables.  Then for changing the routing table, there would be a tiny chunk of code running as root with a very simple, limited protocol.  Then everything else including plugins would run as a very unprivileged user.

I wonder if we can do better in the new framework. OLSRd use a
permanent rtnetlink socket to set the routing tables, does someone
know if the capabilities of the process are checked for each netlink
command or just when the socket is opened?

This won't solve the problem to add a protocol UDP socket for new
interfaces (where we most likely need CAP_NETADMIN), but it would be a
step into the right direction.

Henning Rogge
-- 
Steven Hawkings about cosmic inflation: "An increase of billions of
billions of percent in a tiny fraction of a second. Of course, that
was before the present government."




More information about the Olsr-dev mailing list