[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Permissions Required On hosts.allow ?

On Wed, 28 Aug 2002 21:03:53 -0700, Jamie Heilman wrote:

>> Can I change this around a bit to achieve my goal - maybe make a new
>> group called "foo" (say) and give that gid to in.telnetd and
>> hosts.allow ... ?
>Obscuring your libwrap/tcpd configuration from your local users, at
>the expense of allowing services to run as seperate, non-privileged
>users is a bad idea.  

Well if that's what the price is then I agree with you.  But I can't
see where we'd lose if all that the group "foo" membership gives the
daemons is tcp wrappers config file read access.

It does occur to me that maybe in.telnetd (say) _depends_ on having
its group telnetd membership for some purpose though ..


Nick Boyce
Bristol, UK
"Microsoft may provide updates that will be automatically downloaded onto 
your computer. These updates may disable your ability to copy and/or play
content and use other software on your computer."
	-- http://bsdvault.net/article.php?sid=527&mode=&order=0

Reply to: