![]() ![]() |
![]() |
File: [Pegasus] / pegasus / src / Executor / Attic / todo.txt
(download)
Revision: 1.1.2.12, Fri Dec 29 17:47:30 2006 UTC (17 years, 6 months ago) by mike Branch: PEP286_PRIVILEGE_SEPARATION_BRANCH CVS Tags: PEP286_PRIVILEGE_SEPARATION_1 Changes since 1.1.2.11: +5 -0 lines PEP#: 286 TITLE: Privilege Separation DESCRIPTION: Ongoing privilege separation work. |
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA (A) Consider getting rid of HandleRenameFileRequest(). (A) Consider daemonizing before forking child process. Use configuration options (daemon=true). (A) Move PAM into executor process. (A) Test all authentication modes. (A) Test all OOP execution modes. 2 - Requestor 3 - Designated 4 - Privileged 5 - Server (A) Implement policy checks on all operations. (A) Logging via syslog (implement log-level option). (A) Implement provider policy file (from repository). BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB (B) Examine usage of functions that may create, delete, or rename files. (FileSystem::*, ofstream(), fopen(), open()). (B) Convert executor to pure C program. CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC (C) Should ExecutorClient eventually be a C program too? Perhaps it will be needed by CMPI?
No CVS admin address has been configured |
Powered by ViewCVS 0.9.2 |