Scott Lawrence | 14 Mar 19:30

Re: sipx-restore - help needed


On Fri, 2008-03-14 at 14:04 -0400, Paul Mossman wrote:
> > -----Original Message-----
> > From: sipx-dev-bounces <at> list.sipfoundry.org
> > [mailto:sipx-dev-bounces <at> list.sipfoundry.org] On Behalf Of Damian 
> > Krzeminski
> 
> > - sipXconfig is using sipx-sudo-restore 
> > (sipXcommserverLib/src/sipxrestorebinary/sipx-sudo-restore.c),
> >  why isn't PATH set when it's run (or rather why /usr/bin is not in 
> > the PATH)?
> 
> PATH is intentionally not set for security reasons, at Scott's
> suggestion: (http://list.sipfoundry.org/archive/sipx-dev/msg07814.html),
> but...
> 
> > - what's the recommended way to fix it - java is just one of the many 
> > utilities that this script needs: for example it is using pg_restore 
> > which is also in /usr/bin
> 
> I think the security concern was with blindly passing over the PATH from
> the executing user's environment.  There shouldn't be a problem with
> execve() sipx-restore with an explicitly constructed PATH. 
> 
> So, what paths to put into sipx-sudo-restore.c?  Maybe we can start by
> hard-coding /usr/bin.  But java might be installed elsewhere, do we have
> an easy way to find out at build time?  Do we need to worry about
> pg_restore getting installed elsewhere?  Any other tools?
> 
> I notice that sipx-config has a $SIPX_JAVA_HOME, though it doesn't seem
> to be defined in the error scenario.  What is it?  Maybe it could help
> us...

We should be finding this out at build time if possible.

I think it would be perfectly reasonable to hard code the path to
whatever it is at build time on each platform (that is, find it in the
configure script at build time and then hard code to that).  If the
installed system puts it somewhere else, they will just have to make a
link.

-- 
Scott Lawrence  tel:+1.781.229.0533;ext=162 or sip:slawrence <at> pingtel.com
  sipXecs project coordinator - SIPfoundry http://www.sipfoundry.org/sipXecs
  CTO, Voice Solutions   - Bluesocket Inc. http://www.bluesocket.com/ 
                                           http://www.pingtel.com/
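
The approach discussed in this thread (an explicitly constructed PATH handed to execve(), with the tool directories fixed at build time), as an added example that is not part of the original message or of the sipXecs source. The macros JAVA_BINDIR, PG_BINDIR and RESTORE_SCRIPT, the function build_path and the placeholder script path are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Assumed: configure locates each tool at build time and passes its directory
 * with -D; the defaults below are placeholders for this example. */
#ifndef JAVA_BINDIR
#define JAVA_BINDIR "/usr/bin"
#endif
#ifndef PG_BINDIR
#define PG_BINDIR "/usr/bin"
#endif
#ifndef RESTORE_SCRIPT
#define RESTORE_SCRIPT "/path/to/sipx-restore" /* placeholder */
#endif

/* Write "PATH=d1:d2..." into out. Only absolute directories are accepted: an
 * empty or relative entry would make the shell search the current directory.
 * Duplicates are skipped. Returns 0 on success, -1 on bad input or overflow. */
int build_path(char *out, size_t len, const char *const dirs[], size_t n)
{
    size_t used = (size_t)snprintf(out, len, "PATH=");
    if (used >= len) return -1;
    for (size_t i = 0; i < n; i++) {
        size_t j;
        if (dirs[i] == NULL || dirs[i][0] != '/' || strchr(dirs[i], ':'))
            return -1;
        for (j = 0; j < i && strcmp(dirs[j], dirs[i]) != 0; j++)
            ;
        if (j < i) continue;               /* already listed */
        int w = snprintf(out + used, len - used, "%s%s",
                         used > 5 ? ":" : "", dirs[i]);
        if (w < 0 || (size_t)w >= len - used) return -1;
        used += (size_t)w;
    }
    return 0;
}

int main(int argc, char *argv[])
{
    const char *const dirs[] = { JAVA_BINDIR, PG_BINDIR, "/usr/bin", "/bin" };
    char path[512];
    (void)argc;
    if (build_path(path, sizeof path, dirs, 4) != 0) return 1;
    char *const envp[] = { path, NULL };  /* nothing inherited from the caller */
    execve(RESTORE_SCRIPT, argv, envp);
    perror("execve");                      /* reached only on failure */
    return 127;
}
```
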

