Re: Applications using Linux capabilities

To: debian-security@lists.debian.org
Subject: Re: Applications using Linux capabilities
From: Bdale Garbee <bdale@gag.com>
Date: 22 Mar 2001 07:41:13 -0700
Message-id: <[🔎] 87wv9hg92u.fsf@rover.gag.com>
In-reply-to: juolja@utu.fi's message of "22 Mar 2001 06:00:22 -0700"
References: <[🔎] 20010322103643.A16512@joker.rhwd.owl.de> <[🔎] Pine.SOL.4.30.0103221457560.12600-100000@alya.utu.fi>

juolja@utu.fi (=?ISO-8859-1?Q?Juha_J=E4ykk=E4?=) writes:

> > - xntp3 w/patch (just keeps CAP_SYS_TIME, drops uid 0)
> 
> As far as I can recall, xntp3 was split into ntp and ntpdate
> somewhere around version 4. 

You are correct that the Debian package is now derived from version 4 upstream
source, and split into ntp and ntpdate packages.

> I do not see why there is any need for the older version. 

The point of the original posting was to identify applications that can use
"capabilities" to avoid running with root privs all the time.  There is 
apparently a patch for xntp3 out there somewhere, which suggests that it might
be possible to generate such a patch for ntp/ntpdate fairly reasonably.  

I can confirm that the current Debian packages run as root, since I maintain
those packages.

Bdale

Reply to:

References:
- Applications using Linux capabilities
  - From: Alexander Reelsen <ar@rhwd.net>
- Re: Applications using Linux capabilities
  - From: Juha Jäykkä <juolja@utu.fi>

Prev by Date: Re: Applications using Linux capabilities
Next by Date: Re: Please remove me from this mailing list
Previous by thread: Re: Applications using Linux capabilities
Next by thread: Re: Applications using Linux capabilities
Index(es):
- Date
- Thread