F11 httpd - non-root "service httpd status" reports wrong
Jason Farrell
farrellj at gmail.com
Fri Sep 4 11:42:28 UTC 2009
> As pointed out by others, it is a bug since it is saying something that is
> wrong.
> But I would argue even further:
> 1) The information should be available to the normal user - just like yum
> list and rpm -q
> 2) What have you gained by hiding the info that can be found by os
> 3) We want to minimize the need for privilege escalation, not maximize
Well then, if everybody seems to agree that it's worth the trouble for
all pidfiles to be world-readable, and for 'service foo status' to
always work non-root, then httpd is hardly alone, so there's a bunch
more bugs to file against:
httpd
sendmail
dovecot
amavisd
mysqld (in rhel; but not fedora)
...and many more
--
Jason
More information about the fedora-test-list
mailing list