[10056] in bugtraq
Re: Bug in xfs
daemon@ATHENA.MIT.EDU (Juha Virtanen)
Wed Mar 31 02:32:36 1999
Date: Wed, 31 Mar 1999 09:38:28 +0300
Reply-To: jiivee@iki.fi
From: Juha Virtanen <jiivee@IKI.FI>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.4.10.9903292354300.1677-100000@lt.wsisiz.edu.pl>
Regardless of the bug Lukasz Trabinski found in xfs -- it should
be fixed and similar bugs traced from other software as well --
it is not necessary to run xfs with root permissions at all.
Someone may unknowingly argue that it needs to listen a port.
Yes, but that's usually port 7100, and as it's not under 1024
limit, so root permission isn't needed.
I've run xfs for ages on separate account. below is the
significant startup line I use in RedHat 5.x systems:
daemon /bin/su fontsvr -c "/usr/X11/bin/xfs -config /etc/X11/fs/config -port 7100 &"
The rule is: if a daemon can do its work with lower permissions
than root, it should.
I do also run named as nonroot permissions (Startup
/usr/sbin/named -u user -g group). I recommend other people
doing this as well.
Juha Virtanen
--
<URL:http://www.iki.fi/jiivee/>
