Read the setpriv post from before, is adding that not more benifical. Just quick tested util-linux version.
It allows privdropping udhcpd - net_raw udhcpc - net_raw,net_admin udhcpc6 - net_raw,net_admin ntpd - sys_time telnetd - setuid,setgid ftpd - setuid,setgid,(sys_chroot someone posted the homedir patch the other day) crond - setuid,setgid even managed to get dropbear out of it nothing to do with actually coding but that just gifted me an easy way to harden my current busybox setup so many thanks who ever posted that :) off down a seccomp cli wrapper rabbit hole now --
signature.asc
Description: PGP signature
_______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
