[928] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] about in.identd

daemon@ATHENA.MIT.EDU (Alan Cox)
Thu Jul 18 16:48:46 1996

From: Alan Cox <alan@cymru.net>
To: jordy@newport.thirdwave.net (Jordy)
Date: Thu, 18 Jul 1996 21:04:02 +0100 (BST)
Cc: alex@bach.cis.temple.edu, linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.LNX.3.94.960718021743.21594B-100000@newport.thirdwave.net> from "Jordy" at Jul 18, 96 02:20:56 am

> root? you don't need root permissions to lookup who owns a port, and there
> are a few other programs that inetd spawns that bind to ports under 1024
> that don't run as root [systat comes to mind]. 
> 
> so why run it as root? are we just asking for trouble?

I guess for history reasons (most identds dive into the kmem) - we have
/proc so it seems we should run it as nobody

home help back first fref pref prev next nref lref last post