Description of problem: Many cluster daemons inherit environment of the user that started the cluster. This is a minor security risk. Version-Release number of selected component (if applicable): cman-2.0.115-1.el5_4.9 How reproducible: examine /proc/<pid>/environ for the cluster daemons. Steps to Reproduce: 1. start cluster 2. find pids of groupd, fenced, dlm_controld, gfs_controld, clurgmgrd 3. examine /proc/<pid>/environ for these Actual results: Environment variables from the user that started the cluster will appear - eg. LS_COLORS, PWD Expected results: The daemons should build their own sanitized environments, otherwise unexpected dependencies on the user can occur - such as requiring arbitrary directories to continue to exist. Additional info:
Pass this over to Dave as he looks after most of the daemons mentioned.
I've never heard of doing this; what specifically would you suggest they do?
Sorry - I have wasted your time. I have checked again the environment of the affected daemons, and they are fine. PATH has been sanitized. cwd has been changed to a sane place. I was misled by the PWD setting, which remains (harmlessly) set to the cwd of the user when cman is started. Please kill this bug report.