[ofa-general] Re: [PATCH] infiniband-diags: terminate perl scripts with error if not authorized
Hal Rosenstock
hrosenstock at xsigo.com
Fri May 30 05:56:13 PDT 2008
On Sun, 2008-05-25 at 22:14 +0300, Sasha Khapyorsky wrote:
> Hi Tim,
>
> On 09:04 Fri 23 May , Timothy A. Meier wrote:
> >
> > +# =========================================================================
> > +# only authorized if uid is root, or matches umad ownership
> > +#
> > +sub auth_check
> > +{
> > + my $file = "/dev/infiniband/umad0";
>
> How would we know that it is "/dev/infiniband/umad0" and not another
> device (when first port in not connected, or if -C and/or -P options are
> used, or if udev is configured to put the entries in another place)?
>
> Really I don't see an easy (without reimplementing most of libibumad
> device resolution functionality via sysfs in perl scripts) way to detect
> device reliably.
How about having a library function return the umad mapping so this
doesn't need to be reimplemented ?
-- Hal
> > + my $uid = (stat $file)[4];
> > + my $gid = (stat $file)[5];
> > + if (($> != $uid) && ($> != $gid) && ($> != 0)){
>
> The requirement here is not really ownership, but rather that the file
> is readable and writable by user which runs script. Right?
>
> Sasha
> _______________________________________________
> general mailing list
> general at lists.openfabrics.org
> http://lists.openfabrics.org/cgi-bin/mailman/listinfo/general
>
> To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
More information about the general
mailing list