[Nut-upsdev] Re: [nut-commits] svn commit r731
Peter Selinger
selinger at mathstat.dal.ca
Tue Jan 23 17:50:44 CET 2007
Arjen de Korte wrote:
>
> >> > root's socket ownership can have more consequences. don't do that.
> >> Root doesn't own the socket, since we drop privileges before
> >> backgrounding, just a short while later.
> > root DOES own the socket, because it gets opened by root. that is
> > recorded and does not change by the daemon dropping privileges.
>
> Oops! Point taken, this *has* to go (I didn't realize that).
>
> Fortunately, the trouble with STATEPATH requires rewriting the load_conf()
> function anyway, so this takes no additional effort. People wanting to use
> privileged ports (for whatever reason there may be) will have to run the
> server as root then and accept the consequences.
I don't think this is a good idea. If this is indeed determined to be
a security problem (I still fail to see why exactly), then there
should still be an option, for those who need it, of opening a
privileged port and then dropping root. That is definitely safer than
opening a privileged port and then continuing to run a potentially
messy application as root.
-- Peter
More information about the Nut-upsdev
mailing list