Re: IRCd security issues
Hi,
> I dont allow IRCD in our secure environment but only run it in the Danger
> Zone on our Shell Server.
Well.. since it is rather self contained it's a good candidate for chroot()
installation. We have currently no real standard for packages which provde
their own small world. ftpd uses the place ~ftp/, but I guess ircd will ive
in /usr/lib/ircd/*. We can add some symlinks from /var/log/ircd and
/etc/ircd into the chroot, but the files are located inside that place. is
this acceptable?
> Could we perhaps have a section for those Packages? As far as I
> understood the discussion any package must be securely work in the most
> sensitive environment in all even theoretically thinkable circumstances.
No I dont think so. But it is good to provide hooks to make them secure.
> I would like to get rid of IRCD. If no one volunteers then I will orphan
> the package.
Boris wanted to upload a DalNet Version, I will upload a EFNet Version... I
will take the undernet server, too. I get your latest release and reupload
it with the name ircd-undernet. We can then add a virtual package ircd.
Comments?
> ircd
Well, actually the security problems of ircd are not very big inlatest
versions.. whats the last report u know of?
Greetings
Bernd
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: