(no subject)

Jaakko Heusala Jaakko.Heusala at kapsi.fi
Sat Mar 6 14:17:25 PST 2004


On Sat, 6 Mar 2004, Robert Connolly wrote:

> Ftpd's are okay if they're only used for anonymous users, and drop
> privleges. Vsftpd does this.

How about using a kernel patch that allows root to delegate the ability to
bind to a port lower than 1024 as non-privileged user? Then there would be
no need to start that software with root-privileges.

I don't know is there better choises for the patch like that but I know
this one: http://killa.net/infosec/acls/

I haven't tested it and I thought it does not support multihomed machines.
But the idea is good.

Best regards,

     J. H. Heusala



More information about the hlfs-dev mailing list