Re: Permissions Required On hosts.allow ?

To: debian-security@lists.debian.org
Subject: Re: Permissions Required On hosts.allow ?
From: Nick Boyce <nick@glimmer.demon.co.uk>
Date: Fri, 30 Aug 2002 01:56:52 +0100
Message-id: <[🔎] 95gtmu4qnb1mcl8k7v3ucgmqovpmqmnvag@4ax.com>
In-reply-to: <[🔎] 20020829040353.GM7571@audible.transient.net>
References: <[🔎] 5ouqmukg06nmcbsa6id887948c1o5uedf2@4ax.com> <[🔎] 20020829040353.GM7571@audible.transient.net>

On Wed, 28 Aug 2002 21:03:53 -0700, Jamie Heilman wrote:

>> Can I change this around a bit to achieve my goal - maybe make a new
>> group called "foo" (say) and give that gid to in.telnetd and
>> hosts.allow ... ?
>
>Obscuring your libwrap/tcpd configuration from your local users, at
>the expense of allowing services to run as seperate, non-privileged
>users is a bad idea.  

Well if that's what the price is then I agree with you.  But I can't
see where we'd lose if all that the group "foo" membership gives the
daemons is tcp wrappers config file read access.

It does occur to me that maybe in.telnetd (say) _depends_ on having
its group telnetd membership for some purpose though ..

Cheers,

Nick Boyce
Bristol, UK
--
"Microsoft may provide updates that will be automatically downloaded onto 
your computer. These updates may disable your ability to copy and/or play
content and use other software on your computer."
	-- http://bsdvault.net/article.php?sid=527&mode=&order=0

Reply to:

References:
- Permissions Required On hosts.allow ?
  - From: Nick Boyce <nick@glimmer.demon.co.uk>
- Re: Permissions Required On hosts.allow ?
  - From: Jamie Heilman <jamie@audible.transient.net>

Prev by Date: Re: cryptoloop confusion [repost]
Next by Date: Re: Permissions Required On hosts.allow ?
Previous by thread: Re: Permissions Required On hosts.allow ?
Next by thread: Re: Permissions Required On hosts.allow ?
Index(es):
- Date
- Thread