[collectd] How to store MySQL statistics?

[Florian Forster]

Hey :)

On Tue, Dec 20, 2005 at 02:29:56PM +0100, Niki Waibel wrote:
> this directory thing is pretty hairy from a security point of view!!!
> ../../.. and symbolic links schould be checked.

I don't think it's that big of a problem actually. Most of the filename
comes from the plugins themselfes. They may fill in the `instance', so
that should be checked for slashes..

I'll still check and refuse to create directories that begin with a dot.

As far as symbolic links are concerned I'd say that's the responsibility
of the administrator or whoever is running the program. I myself want to
be able to use symbolic links within the data directory..

> a nice possability for a buffer overflow.

collectd handles with strings from the outside almost everywhere, I
don't think that's any worse here.. (Nor will it be any better.. ;)

> we have to keep in mind that collectd runs as root all the time.

It doesn't need root unless you want to use the `ping' or `serial'
plugins.

> maybe it would make sense to switch user and group for writing a files
> ... i think there was a way to switch and then continue work as root.

Hmhm..

> maybe the default should be that all privilegues are dropped,
> and only for special modules that need it those are kept.
> most things the modules do can be done as user!

Yeah, that's much better.. Still, _real_ privilege seperation would be
better, i.e. have one process collecting ping (and serial) statistics,
another to collect the rest (possibly without any privileges) and a
third one to write the RRD files. With the upcoming configfile that
should be easily possible..

Regards,
-octo
-- 
Florian octo Forster
Hacker in training
GnuPG: 0x91523C3D
http://verplant.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mailman.verplant.org/pipermail/collectd/attachments/20051220/23e5efb6/attachment.pgp