From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-dev+bounces-27529-garchives=archives.gentoo.org@gentoo.org>)
	id 1IqCIE-0004hy-To
	for garchives@archives.gentoo.org; Thu, 08 Nov 2007 18:39:55 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.14.2/8.14.0) with SMTP id lA8IcIYR017139;
	Thu, 8 Nov 2007 18:38:19 GMT
Received: from smtp.ferdyx.org (170.Red-213-96-222.staticIP.rima-tde.net [213.96.222.170])
	by robin.gentoo.org (8.14.2/8.14.0) with ESMTP id lA8IYvjr012040
	for <gentoo-dev@lists.gentoo.org>; Thu, 8 Nov 2007 18:34:57 GMT
Received: from localhost (localhost [127.0.0.1])
	by smtp.ferdyx.org (Postfix) with ESMTP id C05558D307
	for <gentoo-dev@lists.gentoo.org>; Thu,  8 Nov 2007 19:36:29 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at ferdyx.org
Received: from smtp.ferdyx.org ([127.0.0.1])
	by localhost (tungsteno.ferdyx.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id aUYLLk9EHS2F for <gentoo-dev@lists.gentoo.org>;
	Thu,  8 Nov 2007 19:36:28 +0100 (CET)
Received: from localhost (unknown [213.121.151.206])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.ferdyx.org (Postfix) with ESMTP id C54D48D305
	for <gentoo-dev@lists.gentoo.org>; Thu,  8 Nov 2007 19:36:27 +0100 (CET)
Date: Thu, 8 Nov 2007 18:34:50 +0000
From: Ciaran McCreesh <ciaran.mccreesh@blueyonder.co.uk>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev]  Re: eselect_zenity: alpha eselect GUI
Message-ID: <20071108183450.15b4a7bb@blueyonder.co.uk>
In-Reply-To: <fgvju5$lck$1@ger.gmane.org>
References: <20071108104813.GI5516@supernova>
	<20071108105454.1844a75c@blueyonder.co.uk>
	<20071108120742.GK5516@supernova>
	<20071108124333.2a3dfdc7@blueyonder.co.uk>
	<fgvju5$lck$1@ger.gmane.org>
X-Mailer: Claws Mail 3.0.2 (GTK+ 2.12.1; x86_64-pc-linux-gnu)
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="Sig_/+PQBh2lAWx/YxjXJnYt1Twi";
 protocol="application/pgp-signature"; micalg=PGP-SHA1
X-Archives-Salt: b6a84aac-dc47-44e9-a578-7405039150ed
X-Archives-Hash: a862a0ecef8a0149b76c6555c708240b

--Sig_/+PQBh2lAWx/YxjXJnYt1Twi
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

On Thu, 08 Nov 2007 18:22:48 +0000
Steve Long <slong@rathaus.eclipse.co.uk> wrote:
> > if [[ ${UID} -ne 0 ]]; then
> >=20
> > We've always told people not to do that. Capabilities required by
> > eselect modules should be tested by attempting to perform the
> > action, not by some arbitrary query done on UIDs or groups. Being
> > UID 0 doesn't mean you're allowed to do something, and not being
> > UID 0 doesn't mean you're not allowed to do something.
> >=20
> I've always used EUID for the root check, eg:

Which is just as bad.

> This won't get round capabilities (so error status should still be
> checked and the script bail with appropriate output, if it can't do
> something it's supposed to) but it's sufficient for root privilege
> check, and is better than UID which requires login as root. This
> doesn't, of course, deal with non-root users, eg where users in group
> portage are allowed to carry out a task.

Except you absolutely never should be checking for root. You should be
checking for capabilities.

> You can check for that kind of thing with a writeable test, eg:
> [[ -w $PORTDIR ]] || die 'Write access to portage dir required"

-w is not reliable.

> Wrt signalling die, the correct way for a script to terminate on
> signal is something like this code, taken from a SIG_INT handler:
>         trap INT
>         kill -INT $$
> This ensures the parent process is correctly notified. So IOW just
> kill self with the appropriate signal, ensuring any traps are cleared.

No it isn't. When it comes to die, from bad implementations to good
implementations, the order goes: the original drobbins prefix die sucks
more than the original agriffis die, which sucks more than my original
signalling eselect die, which sucks more than the current signalling
paludis die. As time goes on we're finding better and better tricks to
work around bash's lack of exceptions; eselect is currently one
generation behind the best current known solution.

--=20
Ciaran McCreesh

--Sig_/+PQBh2lAWx/YxjXJnYt1Twi
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHM1bK96zL6DUtXhERAm4mAJ9JstOhbZ+dviFOEX8YcNan9EDHfACfTBNJ
zdYwXLadqGVHvbUv1LGDT6c=
=u0A1
-----END PGP SIGNATURE-----

--Sig_/+PQBh2lAWx/YxjXJnYt1Twi--
-- 
gentoo-dev@gentoo.org mailing list