Jeremie Koenig, le Sat 04 Sep 2010 01:07:21 +0200, a écrit : > On Fri, Sep 03, 2010 at 09:16:50PM +0200, Samuel Thibault wrote: > (...) > > > Ah, so it's really not like "nobody", that's for tasks whose owner is > > > yet unknown, but potentially root-owned or such, or something like this? > > These tasks (for instance the login shells) don't have any uid associated > to them, and no owner either. So it's kindof like running as "nobody", > as far as these processes are concerned.
Ok, but created files aren't given to "nobody", but to root. > However, the uid we publish for the procfs files determines who can read > the "environ" and "stat" files (though the latter is made world-readable > in compat mode), and we don't want to allow "nobody" to do that. Yep. > > > I don't know exactly the rules, but I feel like (uid_t) -1 might be > > > exactly what we need here. > > (uid_t) -1 is what the proc server reports for tasks without an owner, > but it's not really legitimate for filesystem use (unlike the Hurd > processes, inodes have exactly one uid associated to them.) Right. > > (...) > > You should however probably rephrase: rather than "anonymous-owner", > > which could be understood as "anybody can read it, that's fine", it > > should probably be called for instance "unknown-user", as it belongs > > to somebody, we just don't know whom. > > How about "--default-owner" or "--default-uid" ? "default" could imply that it's used for much more cases than just this one. What about "no-owner"? Samuel
