[ofa-general] Re: [PATCH] infiniband-diags: terminate perl scripts with error if not authorized

Sasha Khapyorsky sashak at voltaire.com
Sun May 25 12:14:30 PDT 2008


Hi Tim,

On 09:04 Fri 23 May     , Timothy A. Meier wrote:
>  
> +# =========================================================================
> +#  only authorized if uid is root, or matches umad ownership
> +#
> +sub auth_check
> +{
> +	my $file = "/dev/infiniband/umad0";

How would we know that it is "/dev/infiniband/umad0" and not another
device (when first port in not connected, or if -C and/or -P options are
used, or if udev is configured to put the entries in another place)?

Really I don't see an easy (without reimplementing most of libibumad
device resolution functionality via sysfs in perl scripts) way to detect
device reliably.

> +	my $uid = (stat $file)[4];
> +	my $gid = (stat $file)[5];
> +	if (($> != $uid) && ($> != $gid) && ($> != 0)){

The requirement here is not really ownership, but rather that the file
is readable and writable by user which runs script. Right?

Sasha



More information about the general mailing list