[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Privileged Port Puzzle



On 11-Mar-05, 06:40 (CST), Juergen Salk <juergen.salk@gmx.de> wrote: 
> Most services (like apache, e.g.) follow a different approach:
> They have to be run by root initially, and drop privileges as 
> soon as they have done binding their privileged ports. However, 
> this is obviously not the way imagectn is supposed to work. 

Uh, why not? 

> What would be the most appropriate way to cope with this problem
> in Debian?

If (uid==0) {
	bind to specified port;
	setuid("imagectn"); /* or "nobody" */
	setgid("imagectn");
} else {
	bind to specified non-privileged port OR fail;
	/* Keep running as current user */
}


Steve


-- 
Steve Greenland
    The irony is that Bill Gates claims to be making a stable operating
    system and Linus Torvalds claims to be trying to take over the
    world.       -- seen on the net



Reply to: