On Tue, 24 Feb 2004, Michael Richardson wrote: > And don't forget that -C permits rolling files, so one might have to > *recover* from chroot() to do that, and then become root again, > etc. Think about this for a moment.
This is a good point, one overlooked previously. Is it OK, now, just by fixing the man page and/or adding some checks that dropping privileges is incompatible with 'C' flag? Or does someone want to start building somekind of real privilege-separation framework? I certainly won't be doing it :) -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
