[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Privilege dropping for rtadvd
On Thu, Jun 27, 2013 at 04:30:22PM +0100, Roy Marples wrote:
> On 27/06/2013 16:01, christos%astron.com@localhost wrote:
> >In article <20130627114300.GA20412%mx.elandsys.com@localhost>,
> > <logan%elandsys.com@localhost> wrote:
> >>I'm not sure if people might agree with this, but I'm interested
> >>in having a dedicated user for rtadvd after it's done acquiring
> >>the socket.
> >>OpenBSD already does that:
> I don't see any reason why not.
> I don't mind spending some time on this :)
Well, I've already starting working on a diff. Would you be interested
in reviewing it :-) ?
> >The problem is that after you drop privs you cannot start listening
> >to new interfaces that might appear, but the daemon does not do
> >this now, right?
> Sure it can because for IPv6 we just open a single socket not bound
> for any specific interface.
> We check for a valid interface though as we set IPV6_RECVPKTINFO on it.
> Or should, I've not tested it though.
Main Index |
Thread Index |