[14007] in bugtraq
Re: flex license manager tempfile predictable name...
daemon@ATHENA.MIT.EDU (Edwards Philip M Contr AFRL/SNRR)
Thu Feb 24 17:01:06 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Message-Id: <9F17D7A52AA1D311988500104B2444E00103627C@FSZHTV44>
Date: Thu, 24 Feb 2000 11:23:31 -0500
Reply-To: Edwards Philip M Contr AFRL/SNRR <Philip.Edwards@WPAFB.AF.MIL>
From: Edwards Philip M Contr AFRL/SNRR <Philip.Edwards@WPAFB.AF.MIL>
X-To: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Roelof JT Jonkman <rjonkman@ITTC.UKANS.EDU> wrote:
> Flex does not need to run as root:
>
> Somewhere on their webpage they have some scripts, I crafted
> some myself, and
> didn't see a need to run a license manager as root.
We use software that comes with FlexLM, and their[*] documentation states
that lmgrd should specifically /not/ be run as root. Some of the wrapper
scripts shipped with the software perform a UID check and bail out if root
is running the script.
All of the license manager startup scripts do a "su <foo> -c startupcommand"
where <foo> is some mortal user with few abilities.
Phil
[*] The vendor/third-party software itself.
--
Phil Edwards <philip.edwards@wpafb.af.mil>
Senior Unix Sysadmin AFRL/SNRR
Wright-Patterson AFB
