On Monday 11 August 2008 16:28, you wrote: > >> > What about an ENABLE_FEATURE_FAKEIDENTD_SETUID config-option which > >> > optionally > >> > allows to drop privileges to a specified uid/gid? > >> > >> For what purpose? Do you see any way fakeidentd > >> can be compromised? > > > > No, I don't. Even the code is quite trivial, I don't have a good feeling > > running such services > > as root. I considered this just as a precaution. > > > > In the original (?) fakeidentd > > <http://www.guru-group.fi/~too/sw/releases/identd.c> > > there was an overflow-bug > > (<https://www.sans.org/newsletters/sac/sac2_31.php>). > > Use "tcpsvd -u <user>:<group> 0 113 fakeidentd -i" then. >
That's a good compromise/solution, I'll use this one. Thank you! -- Dominik _______________________________________________ busybox mailing list [email protected] http://busybox.net/cgi-bin/mailman/listinfo/busybox
