On Mon, Oct 06, 2008 at 02:27:11PM +0200, Daniel Pielmeier wrote:
> 2008/10/6 Erik Hahn <[EMAIL PROTECTED]>:
> > No, it simply shouldn't change them, there's no reason to do that (to my
> > knowledge).
>
> I think it is a big security issue if a normal user could start
> arbitrary daemons with root privileges. So you should file a bug at
It doesn't give anyone root privileges, it only sets wrong variables.
> I think only root should be able to execute start-stop-daemon and the
> user should be changed with the proper command line switches. I
> actually don't know if it is --chuid or --user as this has changed
> between old baselayout and new openrc.
Why's that? Running a program with user privileges is no security
problem at all.
-Erik
--
hackerkey://v4sw5hw2ln3pr5ck0ma2u7LwXm4l7Gi2e2t4b7Ken4/7a16s0r1p-5.62/-6.56g5OR
