On Wed, Jan 28, 2009 at 02:24:27PM +1100, Ben Finney wrote:
(I'm only addressing commentary on the current PEP here. Comparisons to MS Windows services have been addressed in other messages.)
(I've run out of steam trying to argue the virtues of cross- platform modules, so I'm only commenting on Ben's commentary on my commentary.)
Trent Nelson writes:
On Wed, Jan 28, 2009 at 01:15:41PM +1100, Ben Finney wrote:
If true, prevents the generation of core files, in order to avoid leaking sensitive information from daemons run as `root`.
I was going to suggest service.set_secure(True)
That name implies something emphatically not true: that a program's security is a binary toggle, and it can be turned on or off.
but then I wondered what is this actually achieving? Won't the resulting .core will be owned by root?
Yes. Which is less secure than never creating the core file at all.
I must be missing something. This seems like a false sense of security. The core file is owned by root. Someone will need root access in order to read it. If someone has root access, and has malevolent intentions, it's game over, .core file or not. Trent.