[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: pmud and gkrellm on tcp???



On Tue, Oct 17, 2000 at 10:10:07PM +0200, Michael Schmitz wrote:
> 
> Short of recompiling with the port 879 bind/listen disabled? No. And I
> don't think this is required. I'm in no mood to summarize the argument on
> that point again - pmud is only accessible to the local user, and it
> _should_ be accessible to the local user. If you can't trust the local
> user not to put your machine to sleep (that's all they can do), tough
> luck. 

well... personally i would not want all users to be able to put my
machine to sleep, remember that local user != console user.  

in this case a unix domain socket might be a nicer way to go since you
can change the permissions to only allow a certain group access.  

being able to restrict access to only the most trusted of users also
reduces risks of potential security holes that could be found.  (i
assume pmud runs as root?) 

> BTW: pmud listening to commands (like 'sleep' or 'power') on a socket is a
> feature, not a bug. The benefits of this feature outweigh the potential
> risk for typical laptop computer use. 

yes i agree with this, but i think a unix domain socket would probably
be a better choice in this case.  the localhost only port is not that
bad but is simply not as flexible.  

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgpsZb6AvXyXm.pgp
Description: PGP signature


Reply to: