trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Peach <jpe...@apache.org>
Subject Re: git commit: TS-2425: Update to TS-2261 for loading plugins as root
Date Thu, 23 Jan 2014 18:00:05 GMT
On Jan 23, 2014, at 6:50 AM, bcall@apache.org wrote:

> Updated Branches:
>  refs/heads/master 00897775d -> cd86569e9
> 
> 
> TS-2425: Update to TS-2261 for loading plugins as root
> 
[snip]
> http://git-wip-us.apache.org/repos/asf/trafficserver/blob/cd86569e/proxy/http/remap/UrlMapping.cc
> ----------------------------------------------------------------------
> diff --git a/proxy/http/remap/UrlMapping.cc b/proxy/http/remap/UrlMapping.cc
> index d5b00d1..58739c1 100644
> --- a/proxy/http/remap/UrlMapping.cc
> +++ b/proxy/http/remap/UrlMapping.cc
> @@ -79,13 +79,8 @@ url_mapping::delete_instance(unsigned int index)
>   remap_plugin_info* p = get_plugin(index);
> 
>   if (ih && p && p->fp_tsremap_delete_instance) {
> -    // elevate the access to read files as root if compiled with capabilities, if not
> -    // change the effective user to root
> -    uint32_t elevate_access = 0;
> -    REC_ReadConfigInteger(elevate_access, "proxy.config.plugin.load_elevated");
> -    ElevateAccess access(elevate_access != 0);
>     p->fp_tsremap_delete_instance(ih);
> -  } // done elevating access
> +  }
> }

The delete is no longer elevated? That seems inconsistent. Why did you remove that? Also,
why is it necessary to perform the dlopen() with privilege?

J

Mime
View raw message