The recent enhancement of poundctl which allows to dump the pound status
as XML is very nice. It strongly prompts for the creation of Web based
interfaces etc. for poundctl.

Unfortunately, the socket pound uses is created with a 077 umask and
root as owner. This makes it difficult for scripts to run poundctl,
because they would have to run as root (uuh!) to access the data.

There had been a proposal some time back to allow configuration of the
socket by new config parameters (ControlUser, ControlGroup,
ControlMode), but I think it could actually be even more simple (i.e.
two more lines of code):  couldn't pound just create the socket with a
000 umask (world read-writable)?
It then would be in the hands of the admin to control access to the
socket via the permissions/ownership of the *path* to the socket, which
would be much more flexible - without having security weakened. Also,
people wouldn't be tempted to do foolish things (setting the setuid bit
for poundctl, for instance) to allow access to the socket.

Steve

Steve wrote:[...]

-1 for world read-write.  What about making it owned by pound's group 
(per the Group directive), and group read-write?

On my setup, that means the proxy group would have access, and then if I 
was running a web interface, the CGI could be setgid 'proxy', which 
seems perfectly reasonable to me.

Regards,[...]