[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gomd-devel] <SCX> working on Secured Cluster-wide eXecution => help
From: |
rbaardman |
Subject: |
Re: [gomd-devel] <SCX> working on Secured Cluster-wide eXecution => help!!! |
Date: |
Mon, 8 Sep 2003 08:42:51 +0200 |
User-agent: |
Internet Messaging Program (IMP) 3.1 |
Hi
> Should we provide support to execute programs exiting in a few millisecs
> (like "ls") or support
> _also_ commands requiring long time before quitting (like "updatedb")?
Long programs too imho. Should enable a whole lot of possibilities.
> I'd like to implement the second type but there could be security holes on
> this approach.
Yes. We might come to the point where we would want to implement users
instead of host-based ACL's. Imho, as gomd grows and becomes more and more
in control of the host it is running on, security should become a bigger
issie. Stuff like buffer-overflows should not happen (relax, they don't
atm :) and we should more focus on what it _shouldn't_ do (security-wise_
than we might do now. Also, I think we should always keep in mind the
situation when gomd runs as unprivilidged user.
> Moreover I've a problem with the output of these progs.
> We can't make the user to wait for the program output, isn't it?
Exactly :)
> My (unsuccessful) attempt:
> I fork gomd to execute program ina separate process.
> I do this so gomd is not forced to waits for program exit.
Yes, as I read somewhere, bash does the same. It spawns a process by fork()
and executes a program in that process.
> But I need the output of teh program.
>
> The answer should be the pipe.
> So I tried with exec*() family and popen() but, IHMO, the result is not
> good.
> I correctly get the process output but I have no idea how to pass it to
> the
> parent process (the "real" gomd main process) so the parent can't return
> it
> to the user.
> Any idea?
> I don't want to use shmem or something like that...
Hm...you could use sockets for that. Internal sockets I mean by that. Afaik
those work under oM. Also, I heard that you could use pipelines within your
program. I will check this for you at school today :)
cheers,
Roel "roeles" Baardman
--
_____________________________________________________________________
Snel en voordelig ADSL nu voor iedereen bereikbaar.
Zon Breedband Budget vanaf EUR 14,95 per maand.
Nu tijdelijk geen aansluitkosten. Bestel snel op zonnet.nl/breedband