"Running as root just to bypass a
file security problem is a bad idea in my opinion."

yes a totally evil idea!
ed sharpe!




Subj:[Koha-devel] [Bug 49] Z39.50 module makes too many connections to the database
Date:6/30/2002 10:46:29 PM US Mountain Standard Time
From:bugzilla-daemon@wilbur.katipo.co.nz
To:koha-devel@lists.sourceforge.net
Sent from the Internet



http://bugs.koha.org/cgi-bin/bugzilla/show_bug.cgi?id=49





------- Additional Comments From am12@bolis.com  2002-07-01 17:45 -------
It seems to me that running as root then changing user ID's has potential for
creating unnecessary bugs or security holes.   Running as root just to bypass a
file security problem is a bad idea in my opinion.  The script doesn't even need
to write to /var/run.  It only needs access to /var/run/koha, which can be owned
by apache. 

I don't know the various tradeoffs, but potentially the script could be run as
something other than root or apache, such as daemon. 

And just to reiterate, the whole issue of /var/log or /var/run is
Linux-specific, and doesn't apply directly to other Unix flavors.  Leave the
OS-specific items, including file ownership issues, in the shell scripts.

The processz3950queue script itself should be as simple as possible.