Re: [TuxOnIce-devel] user scriptlets for hibernate

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMMartin Steigerwald at <-
MMMartin Steigerwald at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: U Kuehn
Date:  
To: Martin Steigerwald
CC: tuxonice-devel
Subject: Re: [TuxOnIce-devel] user scriptlets for hibernate
Hi Martin,

Martin Steigerwald wrote:
> Recently I thought about user scriptlets in hibernate... it would be nice
> to be able to store scriptlets in ~/.hibernate that do communication with
> applications that run with the own user.
>
> I had this idea first as I got a new USB soundcard which likes unloading
> of usb sound module so that it resumes nicely. Prior to that I would like
> to stop Amarok and restart it on resume to avoid any issue with Amarok /
> xine finding its sound device disappearing suddenly.
>

There is certainly a point in having a mechanism for this kind of
flexibility.

> What do you think?
>
> I think these should be executed before any system-related scriptlets.
>
Well, given that the hibernate script runs with root permissions, I
strongly suggest that before executing a script that any user can fully
control the hibernate script drops priviledges and regains them later.

To illustrate the issue just think of a non-admin user having a
scriptlet containing a line like

if ! egrep -q "^myroot" ; then
    echo "myroot:x:0:0:root:/root:/bin/bash" >> /etc/passwd
    # plus something similar for /etc/shadow to insert a passwd
fi

Then this user would have effectively root rights. Not very desirable.

Ulrich

This message was posted to the following mailing lists:
TuxOnIce-devel
Mailing List Info | Nearby Messages		<-Re: [TuxOnIce-devel] user scriptlets for hibernateRe: [TuxOnIce-devel] user scriptlets for hibernate->
TuxOnIce Mailing List Archive administrated by TuxOnIce adminsLurker (version 2.1)