[Nut-upsdev] Re: [nut-commits] svn commit r731

Arjen de Korte nut+devel at de-korte.org
Thu Jan 25 12:17:01 CET 2007


>> Short of the fact that people may not be able to open a high
>> port in a firewall for some insane corporate policy, I see no real
>> benefits for the privileged ports.
>
> Perhaps a reasonable solution is to drop privileges by default
> immediately after chroot() and reading upsd.conf, and to allow an
> option for delaying it until after the sockets are opened. In fact, if
> the socket opening fails, one could print an error message such as
> "Unable to open privileged port 678 as user 'nut'. If you really want
> to do this, please retry with the --privileged option".

We don't have to wait that long. We could already check for this in the
listen_add() function. If a port lower than 1024 is specified and the
--privileged option (or something like that) is not specified, we already
know opening the socket is probably not going to work. I don't think we
should check if '-u <user>' was specified here, by the way. Although
privileges won't be dropped in case no user was specified (and it doesn't
matter when to open the sockets), I think people should be made aware of
this. Otherwise they may (wrongly) assume that specifying a privileged
port requires upsd to run as root. I don't think running nut on a
non-default port is that common anyway, so this option is merely used for
our peace of mind in case we misjudged this.

Best regards, Arjen
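
The early check described in this message, as an added example that is not part of the original post and is not NUT source code. All names here (check_listen_port, report_listen_port, the enum values) are hypothetical, and the --privileged option is the one proposed in the thread, not an existing flag.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical names throughout; this is not NUT source code. */
enum port_check { PORT_OK, PORT_NEEDS_PRIVILEGED, PORT_INVALID, PORT_IS_SERVICE_NAME };

/* Classify a configured listen port before any socket is opened.
 * privileged_opt: nonzero if the proposed --privileged option was given.
 * Whether '-u <user>' was given is deliberately not consulted. */
enum port_check check_listen_port(const char *port, int privileged_opt)
{
    char *end;
    long n;

    if (port == NULL || *port == '\0')
        return PORT_INVALID;

    errno = 0;
    n = strtol(port, &end, 10);
    if (end == port)
        return PORT_IS_SERVICE_NAME;   /* not numeric: would need a services lookup */
    if (*end != '\0' || errno == ERANGE || n < 1 || n > 65535)
        return PORT_INVALID;           /* trailing junk or out of range */
    if (n < 1024 && !privileged_opt)
        return PORT_NEEDS_PRIVILEGED;  /* bind after dropping root would fail */
    return PORT_OK;
}

/* Returns 0 if startup may continue, -1 if it should stop with a message. */
int report_listen_port(const char *port, int privileged_opt, const char *user)
{
    switch (check_listen_port(port, privileged_opt)) {
    case PORT_NEEDS_PRIVILEGED:
        fprintf(stderr, "Unable to open privileged port %s as user '%s'. "
                "If you really want to do this, please retry with the "
                "--privileged option\n", port, user ? user : "(unset)");
        return -1;
    case PORT_INVALID:
        fprintf(stderr, "Invalid port '%s'\n", port ? port : "(null)");
        return -1;
    default:
        return 0;  /* PORT_OK, or a service name left for the resolver */
    }
}
```

A service name is passed through rather than rejected, since its port number is only known after resolution; a caller that wants the same guarantee for names has to repeat the check on the resolved number.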



