On Tue, Oct 17, 2000 at 10:10:07PM +0200, Michael Schmitz wrote: > > Short of recompiling with the port 879 bind/listen disabled? No. And I > don't think this is required. I'm in no mood to summarize the argument on > that point again - pmud is only accessible to the local user, and it > _should_ be accessible to the local user. If you can't trust the local > user not to put your machine to sleep (that's all they can do), tough > luck. well... personally i would not want all users to be able to put my machine to sleep, remember that local user != console user. in this case a unix domain socket might be a nicer way to go since you can change the permissions to only allow a certain group access. being able to restrict access to only the most trusted of users also reduces risks of potential security holes that could be found. (i assume pmud runs as root?) > BTW: pmud listening to commands (like 'sleep' or 'power') on a socket is a > feature, not a bug. The benefits of this feature outweigh the potential > risk for typical laptop computer use. yes i agree with this, but i think a unix domain socket would probably be a better choice in this case. the localhost only port is not that bad but is simply not as flexible. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpSYzFzLAm48.pgp
Description: PGP signature