Date: Thu, 25 Aug 2005 18:02:40 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: Brooks Davis <brooks@one-eyed-alien.net> Cc: cvs-src@FreeBSD.org, John-Mark Gurney <gurney_j@resnet.uoregon.edu>, src-committers@FreeBSD.org, Pawel Jakub Dawidek <pjd@FreeBSD.org>, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libutil Makefile libutil.h pidfile.3 pidfile.c Message-ID: <20050825180050.F16967@fledge.watson.org> In-Reply-To: <20050825165501.GB29549@odin.ac.hmc.edu> References: <200508241721.j7OHLcNP061118@repoman.freebsd.org> <20050825060448.Q11335@fledge.watson.org> <20050825154354.GE30465@funkthat.com> <20050825171046.X72462@fledge.watson.org> <20050825165501.GB29549@odin.ac.hmc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 25 Aug 2005, Brooks Davis wrote: > This is probably a good idea for system daemons, but I'm not sure > there's much point in encouraging it for ports. I think we'll find that more and more third party applications do know how to do this as a result of tight integration of selinux into upcoming Linux releases. By placing pid files in separate directories, you avoid needing to grant fairly broad rights on the directory itself. While you can pre-create pidfiles, other things like sockets generally can't be precreated in trivial ways without granting large amounts of privilege to the daemon when it starts running. Robert N M Watson
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050825180050.F16967>