tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: inetd(8): security considerations

> There is one more thing I'd be inclined to add: when _serving_ a
> config as root[*], error if the configuration (including sourced
> chunks) is writable by someone else than root.

> What do you think?

A reasonable thing if it's an overridable default.  An extremely
annoying thing (albeit only occasionally) if it's non-overridable.

Also, I'm not sure how I'd modify that if the UID it's serving as is
someone other than root.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

Home | Main Index | Thread Index | Old Index