[Nut-upsdev] Re: [nut-commits] svn commit r731
Henning Brauer
hb-nut at bsws.de
Tue Jan 23 20:22:28 CET 2007
* Peter Selinger <selinger at mathstat.dal.ca> [2007-01-23 17:47]:
> Henning Brauer wrote:
> >
> > * Arjen de Korte <nut+devel at de-korte.org> [2007-01-23 12:58]:
> > >
> > > >> The listen_add() function doesn't need root access, so this shouldn't be
> > > >> a problem. Provided the listening socket is above 1023, setuptcp()
> > > >> doesn't need root access either.
> > > >
> > > > of course
> > > >
> > > >> However I don't want to limit ourselves here
> > > >> (there may be people wanting to set up a low port), so I want to set up
> > > >> the server listening sockets as root at least at startup of upsd.
> > > >
> > > > that is a really bad idea.
> > >
> > > Maybe it is, but it is what we have been doing for years. I don't want to
> > > change this without fully understanding (and documenting) the changes and
> > > the impact this may have on system administrators.
> >
> > well, let me make it more clear: it is outright dangerous.
>
> Please elaborate? There are lots of suid programs that open a socket
> and then drop root privileges immediately. For example, ping(8) does
> this, as does ping6(8).
they do not have other options - raw sockets are root only.
--
Henning Brauer, hb at bsws.de, henning at openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
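
The two cases argued over in this thread, as an added example that is not part of any message or of the NUT source: a listener on a port above 1023 needs no root at all, and a daemon that is started as root for a low port drops root permanently right after bind() and checks that it cannot get it back. The names open_listener and drop_privileges and the uid/gid 65534 are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE                 /* for setgroups() */
#include <arpa/inet.h>
#include <grp.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind and listen on addr:port (port 0: the kernel picks a free high port).
 * Returns the fd and stores the bound port in *bound, or returns -1. */
int open_listener(const char *addr, unsigned short port, int *bound)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof(sa);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    memset(&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    if (inet_pton(AF_INET, addr, &sa.sin_addr) != 1 ||
        bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0 || /* low port: needs privilege */
        listen(fd, 16) < 0 ||
        getsockname(fd, (struct sockaddr *)&sa, &len) < 0) {
        close(fd);
        return -1;
    }
    *bound = ntohs(sa.sin_port);
    return fd;
}

/* Switch to uid/gid for good. Order matters: groups, then gid, then uid.
 * Returns 0 only if root can no longer be regained. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0)
        return -1;                       /* "dropping" to root is a config error */
    if (geteuid() == 0 && setgroups(1, &gid) < 0)
        return -1;                       /* discard root's supplementary groups */
    if (setgid(gid) < 0 || setuid(uid) < 0)
        return -1;
    if (getuid() != uid || geteuid() != uid || getegid() != gid)
        return -1;
    return setuid(0) == -1 ? 0 : -1;     /* regaining root must fail now */
}

int main(void)
{
    int port = 0, fd = open_listener("127.0.0.1", 0, &port);
    uid_t uid = geteuid() == 0 ? 65534 : getuid();  /* 65534: assumed "nobody" */
    gid_t gid = geteuid() == 0 ? 65534 : getgid();
    if (fd < 0 || drop_privileges(uid, gid) < 0) { perror("listener"); return 1; }
    printf("listening on port %d as uid %d\n", port, (int)getuid());
    return 0;
}
```

The socket stays usable after the drop because the privilege check happens at bind() time, not on later accept() calls.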