On Dec 2, 2009, at 2:55 PM, Jerry Gilliam wrote:
>
> An updated spec for this case, included below, is now ready for
> review as a fast-track. The spec includes marks where changed.
> I've reset the timer for a week, to 12/09/2009.
...
> The acpihpd is started and stopped using the standard Solaris service
> management facility. The acpihpd is an smf service, and will only be
> enabled on
> the platforms which supports IOH/CPU/memory hot plug via an i86pc
> specific |
> profile. Unfortunately, the service has to run as root as it relies
> on the |
> sysevent library which will reject any request from a non-root
> user. The |
> privileges will be restricted to 'basic,!
> proc_info,sys_config,sys_mount, |
> sys_devices'.
> |
I realize that this case is just working with what it's given and that
that's why running as root is required, but why does the sysevent
library make explicit checks for root in the first place? Is there
something that prevents it from expecting its clients to have suitable
privileges and simply passing failures due to insufficient privilege
back to its clients?
Stated a bit differently, I'm wondering whether a bug should be filed
against the sysevent library for non-conformance to the Solaris
privilege architecture.
-- Glenn
