[patch] nsca chroot() support

sean finney seanius at seanius.net
Sun Mar 12 12:05:03 CET 2006


oh, i forgot one thing:

i couldn't decide whether it made sense to try and chroot in
inetd mode.  my inclination is that the corresponding inetd
daemon (xinetd, etc) should provide this functionality, and
that it would probably be impossible to do if inetd was
running the service as another user anyway.

but, i've gone ahead and put in a call to do_chroot in inetd
mode anyway, since it exits with an error if it fails, and
i figure it would be better to fail noisily rather than
silently ignore a security-related configuration option.

in any event the lines that do that are an isolated hunk
in the patch i previously provided, so feel free to remove
them if you think that's better (though in that case the hunk
of patch for nsca.cfg should probably be updated to mention
this too).


	sean
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://www.monitoring-lists.org/archive/developers/attachments/20060312/21c6efc2/attachment.sig>


More information about the Developers mailing list