[tahoe-dev] Warning or error when running Tahoe as root

erpo41 at gmail.com erpo41 at gmail.com
Tue Jul 31 23:27:08 UTC 2012


I favor the error approach. If a warning message doesn't stop an
application from appearing to work, users won't read it.

Also, are there any reasons tahoe should not be installed and run as a
system service (i.e. installed to /usr/bin/tahoe, config data in
/etc/tahoe/, shares in /var/tahoe, an init/upstart script, etc.)?

Thanks,
Eric
On Jul 31, 2012 10:34 AM, "David-Sarah Hopwood" <david-sarah at jacaranda.org> wrote:

> On 31/07/12 07:59, Two Spirit wrote:
> > And people do what they are expected to do? I can't speak for the rest of the world, but
> > yea, I guess there are a lot of "users" like myself who run as root and have no clue what
> > we are doing. My experience with file systems is that you have to run as root for any
> > file system stuff. I'm sure there are a lot of people who share my background.
> >
> > My idea was a one sentence, standard WARNING disclaimer indicating
> > 1) this should be done as a non-root user or
> > 2) this doesn't need to be done as root
> > somewhere in the running.rst maybe before the first command 'To construct a client node,
> > run "tahoe create-client"....'
>
> "We should whine if we're running as root."
> https://tahoe-lafs.org/trac/tahoe-lafs/ticket/725
>
> There's a patch, and I see the ticket is assigned to me; it just needs tests.
> I'll put it in the 1.10 milestone.
>
> >     What would your idea of said short warning look like?
>
> The one in the current patch says:
>
> ###############################################################
> WARNING: You should not be running Tahoe-LAFS as root!
> This poses an unnecessary security risk and is NOT recommended.
> ###############################################################
>
> There's an argument for saying that this shouldn't just be a warning; it should
> be an error, because running as root once may already do things that need to be
> undone (e.g. creating files owned by root, as in the case that motivated the ticket).
> If we made it an error then we could add an --allow-root option to suppress it;
> is that necessary, or overcomplicated?
>
> --
> David-Sarah Hopwood ⚥
>
>
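
The error-with-override behaviour debated in this thread, as an added example that is not part of the original messages and is not Tahoe-LAFS code. The function names are hypothetical, `--allow-root` is the option proposed above rather than a confirmed flag, and `foreign_owned` goes one step beyond the thread by listing files a previous root run left behind.

```python
import os
import sys

ROOT_ERROR = (
    "ERROR: refusing to run as root.\n"
    "Re-run as an unprivileged user, or pass --allow-root to override.\n"
)


def root_check(argv, euid):
    """Return (exit_code, argv without --allow-root).

    A nonzero code means: stop before any file is created, so nothing
    owned by root is left behind to clean up.
    """
    allow = "--allow-root" in argv
    rest = [a for a in argv if a != "--allow-root"]
    if euid == 0 and not allow:
        return 1, rest
    return 0, rest


def foreign_owned(basedir, expected_uid):
    """List paths under basedir not owned by expected_uid.

    After an accidental root run these are the files that must be
    chown'ed back before the node works as a normal user again.
    """
    found = []
    for dirpath, _dirs, files in os.walk(basedir):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            # lstat: report a symlink itself, do not follow it
            if os.lstat(path).st_uid != expected_uid:
                found.append(path)
    return sorted(found)


def main(argv=None, euid=None):
    argv = sys.argv[1:] if argv is None else argv
    euid = os.geteuid() if euid is None else euid
    code, _rest = root_check(argv, euid)
    if code:
        sys.stderr.write(ROOT_ERROR)
        return code
    # The real command dispatch would run here, after the check.
    return 0


if __name__ == "__main__":
    sys.exit(main())
```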