inetd(8): security considerations

To: tech-userlevel%netbsd.org@localhost
Subject: inetd(8): security considerations
From: tlaronde%polynum.com@localhost
Date: Mon, 3 Jul 2023 10:08:36 +0200

I'm almost finished with inetd(8)---I still wait for an answer about ATF
tests: to be added if my version of inetd will reach the NetBSD src
tree; if not reaching the NetBSD src tree, I will not bother with ATF.

There is one more thing I'd be inclined to add: when
_serving_ a config as root[*], error if the configuration (including
sourced chunks) is writable by someone else than root.

What do you think?

*: checking mode is unprivileged and can be done by whoever with
whatever readable configuration.
-- 
        Thierry Laronde <tlaronde +AT+ polynum +dot+ com>
                     http://www.kergis.com/
                    http://kertex.kergis.com/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89  250D 52B1 AE95 6006 F40C

Follow-Ups:
- Re: inetd(8): security considerations
  - From: Mouse

Prev by Date: Re: Trivial program size inflation
Next by Date: Re: Trivial program size inflation
Previous by Thread: ipsec: slight inconsistency
Next by Thread: Re: inetd(8): security considerations
Indexes:

Home | Main Index | Thread Index | Old Index