James Carlson wrote:
> Processes that simply _must_ invoke external executables of an
> arbitrary nature have to run with all privileges and bracket the use
> of privileges carefully.
I guess the key above is "arbitrary." So the question is
whether allowing arbitrary executable is necessary. As
I mentioned, if we are just talking about network related
configuration, I guess we know what privileges are enough.
For other services, I guess they will need to do something
special, such as doing something like the example in my
previous mail.
> I'm still not very well convinced that invoking external executables
> is really the right way to tie VRRP into the system, though.
Do you have other suggestions?
--
K. Poon.
[EMAIL PROTECTED]
_______________________________________________
networking-discuss mailing list
[email protected]
