Unix Technical Forum

Re: drop privileges to nobody is pinging as root

This is a discussion on Re: drop privileges to nobody is pinging as root within the lucky.openbsd.tech forums, part of the OpenBSD category; --> > Theo de Raadt wrote: > > Han wrote: > > > To further improve security I think this ...


Go Back   Unix Technical Forum > Unix Operating Systems > OpenBSD > lucky.openbsd.tech

Re: drop privileges to nobody is pinging as root Re: drop privileges to nobody is pinging as root

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 02-22-2008, 01:09 PM
Theo de Raadt
 
Posts: n/a
Default Re: drop privileges to nobody is pinging as root
> Theo de Raadt wrote:
> > Han wrote:
> > > To further improve security I think this patch may help.
> >
> > This does not help. In fact, it potentially gives the person
> > running ping access to another uid.
> >
> > You need to think about why we do it as we do, throughout the
> > tree.
>
> Care to elaborate?

I have been rather clear. Please read what I wrote, and then think.

This happens all the time. Why do people ask again, instead of thinking?

WHY should any user be able to run a process as uid nobody? Do you
really think that uid nobody has no capabilities that the user
doesn't have?

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« usb mouse vendor name | drop privileges to nobody is pinging as root »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


All times are GMT. The time now is 10:28 AM.

Contact Us - Unix Technical Forums - Top

Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0
www.UnixAdminTalk.com