Running SYSTEM as user filepro

Bill Vermillion fp at wjv.com
Thu Nov 18 21:48:18 PST 2004


On Thu, Nov 18 19:39 , Fairlight moved his mouse, rebooted for the 
change to take effect, and then said:" 

> This public service announcement was brought to you by Bill Vermillion:

> > > I don't even particularly like the above solution--it borders
> > > on security through obscurity.

> > Borders??? I'd just say it is.

> Yeah, pretty much.

> > > Someone else feel free to chime in--I'd love to see
> > > something better proposed.  I'm drawing a blank at the moment.

> > Perhaps rcp. It's a bit more restrictive.

> The problem is that you then want to make sure they can -never-
> shell out or gain access to the filepro UID, or you're back to
> the same problem.

> One could implement a spool with a sleep/poll daemon that
> detects any new files, copies them to the appropriate location,
> and chowns them. That's trivial to do, although it's not as
> granular as I'd prefer.

I don't know why I keep seeing people recommend sleep/polling, or
running from cron every minute!! when there are things that are
more efficient.

At least in Linux and FreeBSD [And IRIX since it came from SGI]
you can use 'fam' - file alteration monitor.  It monitors changes
to the file system and you can choose files or directories, and
then do what you wish based upon that.

It will even monitor files on a remote NFS. Tuneable so you can
turn off polling of remotes sites and used 'fam' on the NFS machine
to do the work.

This is not your grandfathers Unix anymore :-)

Having said all that, I've not had a need to use it, nor any
polling with cron or in a sleepy daemon.


Bill
-- 
Bill Vermillion - bv @ wjv . com


More information about the Filepro-list mailing list