tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

inetd(8): security considerations

I'm almost finished with inetd(8)---I still wait for an answer about ATF
tests: to be added if my version of inetd will reach the NetBSD src
tree; if not reaching the NetBSD src tree, I will not bother with ATF.

There is one more thing I'd be inclined to add: when
_serving_ a config as root[*], error if the configuration (including
sourced chunks) is writable by someone else than root.

What do you think?

*: checking mode is unprivileged and can be done by whoever with
whatever readable configuration.
        Thierry Laronde <tlaronde +AT+ polynum +dot+ com>
Key fingerprint = 0FF7 E906 FBAF FE95 FD89  250D 52B1 AE95 6006 F40C

Home | Main Index | Thread Index | Old Index