[ofa-general] Re: [PATCH] infiniband-diags: terminate perl scripts with error if not authorized
Sasha Khapyorsky
sashak at voltaire.com
Sun May 25 12:14:30 PDT 2008
Hi Tim,
On 09:04 Fri 23 May , Timothy A. Meier wrote:
>
> +# =========================================================================
> +# only authorized if uid is root, or matches umad ownership
> +#
> +sub auth_check
> +{
> + my $file = "/dev/infiniband/umad0";
How would we know that it is "/dev/infiniband/umad0" and not another
device (when first port in not connected, or if -C and/or -P options are
used, or if udev is configured to put the entries in another place)?
Really I don't see an easy (without reimplementing most of libibumad
device resolution functionality via sysfs in perl scripts) way to detect
device reliably.
> + my $uid = (stat $file)[4];
> + my $gid = (stat $file)[5];
> + if (($> != $uid) && ($> != $gid) && ($> != 0)){
The requirement here is not really ownership, but rather that the file
is readable and writable by user which runs script. Right?
Sasha
More information about the general
mailing list