From: F. S. <fre...@la...> - 2005-02-24 14:09:20
|
Thursday, February 24, 2005, 2:29:01 PM, you wrote: Just à quick word about privsep and config reload together. > But if tomorrow someone wants to be able to change "everything in the > config and just go on", including the privsep switch, I'll start by > asking him if he really wants to changes this switch twice a day ! Since the beginning of this discussion, I've had a small idea, maybe good, maybe not. Couldn't we pass the privsep basic flags (user id and group id) on the command line only (and downwards to the unpriv child) ? Could that allow us to move the config parsing code into the unprivileged instance ? And, from that point of view, switching from non-privsep to privsep couldn't be done without a restat, which is quite logical, anyways. Thoughts ? Fred -- HTML's a cheap whore. Treating her with respect is possible, and even preferable, because once upon a time she was a beautiful and virginal format, but you shouldn't expect too much of her at this point. (Mark 'Kamikaze' Hughes in the SDM) |