Jaakko.Heusala at kapsi.fi
Sat Mar 6 14:17:25 PST 2004
On Sat, 6 Mar 2004, Robert Connolly wrote:
> Ftpd's are okay if they're only used for anonymous users, and drop
> privleges. Vsftpd does this.
How about using a kernel patch that allows root to delegate the ability to
bind to a port lower than 1024 as non-privileged user? Then there would be
no need to start that software with root-privileges.
I don't know is there better choises for the patch like that but I know
this one: http://killa.net/infosec/acls/
I haven't tested it and I thought it does not support multihomed machines.
But the idea is good.
J. H. Heusala
More information about the hlfs-dev