tincctl patches
Guus Sliepen
guus at tinc-vpn.org
Tue Jul 24 21:44:59 CEST 2007
On Mon, Jul 23, 2007 at 07:09:24PM -0700, Scott Lamb wrote:
> > If you use signal events, apparently libevent sets and resets signal
> > masks around every select/poll/epoll call on Linux. So even if you don't
> > trigger the signals, it incurs a lot of overhead when you're sending or
> > receiving a lot of data.
>
> Oh, I fixed that. :) Upgrade to libevent 1.3b.
Great!
> > That sounds OK. Well, if the administrator does that, and if tincctl uses
> > getpeercred() or other working alternatives if the OS supports it, and
> > falls back to the PID provided by the tincd for those OSes that don't
> > support it, I think that's the best we can do.
>
> I think "those OSs that don't support it" is "everything but Linux". I
> do want to make sure Mac OS X in particular works well, as that's what
> my laptop runs.
>
> How would you feel about making the subdirectory by default and possibly
> even having tincd and/or tincctl refuse to start if the permissions are
> too open?
Hm. Maybe. Or we can use the uid in struct xucred, and check whether
it is 0 or the same as tincctl's.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://brouwer.uvt.nl/pipermail/tinc-devel/attachments/20070724/0296dad5/attachment.pgp
More information about the tinc-devel
mailing list