Re: socket-based activation has unmaintainable security?

To: debian-devel@lists.debian.org
Subject: Re: socket-based activation has unmaintainable security?
From: Martin Wuertele <maxx@debian.org>
Date: Wed, 6 Feb 2013 09:27:57 +0100
Message-id: <[🔎] 20130206082757.GC24543@anguilla.debian.or.at>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: Martin Wuertele <maxx@debian.org>
In-reply-to: <[🔎] CAJusiZUjKP_nv96HNCmUFyNRUkyYW+1Y1JPtpCMC4hoTip3Yaw@mail.gmail.com>
References: <20121114204711.GA9158@virgil.dodds.net> <[🔎] 5110DCEC.4010405@gmail.com> <[🔎] CAJusiZUjKP_nv96HNCmUFyNRUkyYW+1Y1JPtpCMC4hoTip3Yaw@mail.gmail.com>

* Shawn <shawnlandden@gmail.com> [2013-02-05 18:43]:

> socket-activation in systemd _helps_ security in that you can give an
> unprivlidged process a listening port under 1024. (using a privileged
> configuration file)

Privileged vs. unprivileged port is not really a secuitry improvement.

Yours Martin

Reply to:

Follow-Ups:
- Re: socket-based activation has unmaintainable security?
  - From: Chow Loong Jin <hyperair@debian.org>

References:
- socket-based activation has unmaintainable security?
  - From: Thomas Hood <jdthood@gmail.com>
- Re: socket-based activation has unmaintainable security?
  - From: Shawn <shawnlandden@gmail.com>

Prev by Date: Re: Building and using shared libraries using gccgo
Next by Date: Re: socket-based activation has unmaintainable security?
Previous by thread: Re: socket-based activation has unmaintainable security?
Next by thread: Re: socket-based activation has unmaintainable security?
Index(es):
- Date
- Thread