Vitezslav Samel <vitezslav(a)samel.cz> writes:
On Wed, Sep 05, 2012 at 03:31:05PM +0200, Nikola Pajkovsky wrote:
> Vitezslav Samel <vitezslav(a)samel.cz> writes:
>
> > On Tue, Sep 04, 2012 at 04:22:23PM +0200, Nikola Pajkovsky wrote:
> >> Signed-off-by: Nikola Pajkovsky <npajkovs(a)redhat.com>
> >> ---
> >> src/iptraf.c | 44 +++++++++++++++++++++++++++++++++++++++++---
> >> 1 file changed, 41 insertions(+), 3 deletions(-)
> >
> > Seems like changing location of PID file from the command line
> > will be added later?
>
> it won't be added at all. Tell me, why it is useful to run iptraf-ng
> --pid /tmp/x and iptraf-ng /tmp/xx? Seems to me like nice tool to knock
> down system.
>
> while (1)
> iptraf-ng --pid /dev/random
This way of thinking doesn't help. If you are root you can shoot
yourself (your machine) millions other ways.
This option helps in case you want your pid files in eg. /run
directory or maybe in subdirectory of /var/run. And in case we get rid
of geteuid() != 0 check in main() when running under non-root user but
with the proper capabilities (CAP_NET_ADMIN, ...).
and why not to have it in build time? some distribution can (don't know and
don't care) setuid, and patch it like
#ifndef SETUID
if (geteuid() != 0)
die("This program can be run only by the system administrator");
#endif
similar patch comes from debian.
#ifndef IPTRAF_PIDFILE
#define IPTRAF_PIDFILE "/var/run/iptraf-ng.pid"
#endif
BASIC_CFLAGS += IPTRAF_PIDFILE=boo-hoo
what I will do is add comment in Makefile
--
Nikola