Hi, On Sat, Aug 10, 2019 at 11:24:37AM +0200, Marc Haber wrote:
> >But there are other ways. Many traditional daemons can start as root > >and drop privileges. > How many lines of code have been replicated all along those daemons, > how many security relevant bugs in this code did we solve it he last > decades and how many did we not discover yet? This code is still used with systemd because the unprivileged users do not have the necessary permissions to access SSL keys. I'd gladly see that factored out into a separate process, but we're not there yet. Simon
