Re: Question about writing systemd unit for old package
On Wed, May 19, 2021 at 8:51 AM Richard Hector wrote:
> Does that not depend on whether it does anything before dropping
> privileges? For example, a webserver can bind to low ports before
> dropping privilege. I imagine if the systemd service unit specified
> running as (eg) www-data, that wouldn't work.
I don't know the details, but I think systemd can open the ports and
transparently pass them to the unprivileged process when it is spawned
without any data loss, in a similar way to the inetd stuff used to
work.
http://0pointer.de/blog/projects/inetd.html
--
bye,
pabs
https://wiki.debian.org/PaulWise
Reply to: