[RFC] last(1) with security.bsd.see_other_uids support
Ed Schouten
ed at 80386.nl
Thu Jun 7 07:28:01 UTC 2012
2012/6/6 Pawel Jakub Dawidek <pjd at freebsd.org>:
> Any privileged daemon is much bigger threat. Also, do we really want a
> daemon running all the time just to be able to parse utx files?
Well, if you think of it, it's not a very strange idea:
- You can simply get rid of /var/run/utx.active. There's no need for
this to be written to disk. It can just stay in memory.
- You can use devd to track the destruction of TTYs, so you can
automatically garbage collect stale entries for pseudo-terminals.
Right now a `killall -9 xterm' may leave stale entries behind.
- The other files aren't _that_ big. On FreeBSD, utx.log only stores
entries for the last month. Especially if you implement
getutxid()/getutxuser() as separate calls, much of the filtering is
already done by the daemon.
--
Ed Schouten <ed at 80386.nl>
More information about the freebsd-hackers
mailing list