On Lu, 10 mar 14, 23:58:32, Anubhav Yadav wrote:
> Yes I have now configured mpd as a normal user using this guide.
>
> http://crunchbang.org/forums/viewtopic.php?id=17386
>
> I would appreciate if someone goes through the guide and see if it has
> any security issues.
>
> The guide is written for a single user, not for system wide!
Well, the point of the
user "mpd"
directive in mpd.conf (on Debian enabled by default, despite the comment
in the file) is to have mpd drop privileges to that user. In my very
humble opinion, this is probably even safer than running mpd under your
own user because the user 'mpd' is quite locked down (not a member of
any group, it has /bin/false as login shell and /var/lib/mpd as home).
There might be some fiddling necessary with the access rights, but then
you're fine.
Kind regards,
Andrei
--
http://wiki.debian.org/FAQsFromDebianUser
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
http://nuvreauspam.ro/gpg-transition.txt
Attachment:
signature.asc
Description: Digital signature