cvs commit: src/lib/libutil Makefile libutil.h pidfile.3
rwatson at FreeBSD.org
Thu Aug 25 17:02:42 GMT 2005
On Thu, 25 Aug 2005, Brooks Davis wrote:
> This is probably a good idea for system daemons, but I'm not sure
> there's much point in encouraging it for ports.
I think we'll find that more and more third party applications do know how
to do this as a result of tight integration of selinux into upcoming Linux
releases. By placing pid files in separate directories, you avoid needing
to grant fairly broad rights on the directory itself. While you can
pre-create pidfiles, other things like sockets generally can't be
precreated in trivial ways without granting large amounts of privilege to
the daemon when it starts running.
Robert N M Watson
More information about the cvs-src