On Wed, Jan 21, 2004 at 08:05:27AM +0200, Pekka Savola wrote: > As for why I went for "pcap" instead of nobody in the first place.. > Red Hat bundles tcpdump with arpwatch, which I also coded to drop root > privileges. Picking a specific user name for these two purposes > seemed only logical. (Arpwatch has to maintain a couple of files owned > by 'pcap' as well.)
I agree that picking a new user for this purpose is a sound choice. However, if this user owns files (especially ones that might be run or otherwise used by root), it seems to defeat the purpose. Andrew - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
