Subject: Re: misc/6882: /var/spool/news should be owned by news.news
To: Geoff Wing <firstname.lastname@example.org>
From: Andrew Brown <email@example.com>
Date: 01/27/1999 19:18:50
>They'd make the hierarchy required by their servers. And since most
>probably need a setuid root daemon to bind to the nntp port, you'd have
>to install as root anyway so you'd have access to /var/spool/news
innd has an "inndhelper" program (the exact name of which escapes me
at this point in time. startinnd perhaps?) that, when run as root,
does three things.
1) bind the nntp port (119).
2) lose privs.
3) exec innd and pass in the (already listening?) socket.
(i wonder if there are any exploits waiting to happen there... :)
|-----< "CODE WARRIOR" >-----|
firstname.lastname@example.org * "ah! i see you have the internet
email@example.com (Andrew Brown) that goes *ping*!"
firstname.lastname@example.org * "information is power -- share the wealth."