[ofa-general] [PATCH] infiniband-diags: terminate perl scripts with error if not root

[Ira Weiny]

On Fri, 23 May 2008 13:35:32 +0300
Sasha Khapyorsky <sashak at voltaire.com> wrote:

> On 08:17 Thu 22 May     , Hal Rosenstock wrote:
> > On Thu, 2008-05-22 at 08:15 -0700, Timothy A. Meier wrote:
> > > Sasha,
> > > 
> > > Trivial patch to enforce root for these perl scripts.  More importantly, 
> > > doesn't silently fail if not root, and returns an error code.
> > 
> > Should these enforce root or be based on udev permissions for umad which
> > default to root ?
> 
> I would ask the same question as Hal did.
> 
> What is wrong with how it works now? On some system access to files could
> be arranged for group members, or ibnetdiscover used as engine for many
> scripts could be su/gid-ed. This will break there.

The problem is, if you don't know what a particular script or option does and
it simply returns a prompt with a "0" return code the user will THINK it did
what whatever it was supposed to do, when in fact it did nothing!!!

This is especially bad with these scripts as most of them simply query the
fabric.  This could lead one to believe that it did not find an information to
return when in fact it did not query the fabric at all.

I realize that running things which you don't know what they do is bad but for
sure it should not return "0" when it clearly did not perform the requested
operation because of an error in permissions.

Ira