Re: [Coder-Com] Question

Thu, 05 Dec 2002 06:54:09 -0800 

* Tom Rons <[EMAIL PROTECTED]> [2002-12-04 21:12:51 +0100]:
> Hmm, you have a point there. Depending on how it is interpreted by the
> person installing it, it may well look like a failure to run as root.
> I too think it would be a good idea to change it.

  Well, I was going to make this change, but I had a look at the source
and it already says "will not"...so I guess either someone already
changed it or the OP quoted it incorrectly.  :)
  Perhaps the error could still be expanded, though?  I would imagine
that the target audience of that error message (ie, people who didn't
RTFM and know that the server doesn't _need_ to run as root and don't
care enough about security to take advantage of that fact and actually
_not_ run it as root) are not, by and large, going to make the logic
leap that the implied end of that sentence is "...for security reasons,
you need to make a normal user and use that instead".  Feel free to use
this patch if you like.  I couldn't find any "patch submission
guidelines" on the coder-com web site, except this:

# A patch must be submitted with a separate description section that
# include standard header fields, and the actual patch should be in
# "diff-rc3" format.

  I haven't really patched anything before, so I don't know what
"standard header fields" would be, or how to properly include them in
a diff file.  Also, the man page for my version of diff doesn't say
anything about "rc3" so...  But, the entire thing is only 3 lines,
really it takes just as long to simply type in the changes manually as
it does to apply the patch. ;)

-- 
------------------------------------------------------------------------
 daaave                                        Undernet Server Operator
 irc://irc.undernet.org:6667/                       [EMAIL PROTECTED]
------------------------------------------------------------------------

--- ircd.c      2002-09-14 15:44:32.000000000 -0500
+++ ircd.c_new  2002-12-05 06:50:35.000000000 -0600
@@ -563,7 +563,9 @@
 static int set_userid_if_needed(void) {
   if (getuid() == 0 || geteuid() == 0 ||
       getgid() == 0 || getegid() == 0) {
-    fprintf(stderr, "ERROR:  This server will not run as superuser.\n");
+    fprintf(stderr, "ERROR:  This server will not run as superuser, for\n");
+    fprintf(stderr, "        security reasons.  You will need to create a\n");
+    fprintf(stderr, "        new user and run ircu as that user instead.\n");
     return 0;
   }

Attachment: msg01866/pgp00000.pgp
Description: PGP signature

Reply via email to