Hi Denys, On Sunday 10 August 2008 21:18, Denys Vlasenko wrote: > On Sunday 10 August 2008 14:33, Dominik Geyer wrote: > > Hi, > > > > I forgot something in my last mail: > > > > What about an ENABLE_FEATURE_FAKEIDENTD_SETUID config-option which > > optionally > > allows to drop privileges to a specified uid/gid? > > For what purpose? Do you see any way fakeidentd > can be compromised?
No, I don't. Even the code is quite trivial, I don't have a good feeling running such services as root. I considered this just as a precaution. In the original (?) fakeidentd <http://www.guru-group.fi/~too/sw/releases/identd.c> there was an overflow-bug (<https://www.sans.org/newsletters/sac/sac2_31.php>). BTW: This version of fakeidentd drops privileges, too. -- Dominik _______________________________________________ busybox mailing list [email protected] http://busybox.net/cgi-bin/mailman/listinfo/busybox
