SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-18-2008, 08:22 AM
| ||||
| ||||
 Re: drop privileges to nobody is pinging as root Hi! On Mon, Mar 06, 2006 at 03:45:54PM -0700, Theo de Raadt wrote: >> IIRC OpenBSD usually uses separate users for each app that drops/separates >> privileges. So a consequential implementation would use a user _ping >> instead of reusing nobody in a questionable way. But of course the >> question is valid whether that's worthwhile compared to the theoretical >> risk (low under OpenBSD anyway) that root runs ping and the other host >> could exploit it using crafted response packets. >You have not understood the difference between priv-revocation and >priv-seperation. In what way did *I* show a lack of understanding? >Your diff does not help anything. I didn't submit a diff, nor did I endorse the original suggestion. Remember, I was neutral towards the question whether it made any sense to do something like that or not. The paragraph you quoted was rather intended as a rough explanation towards the original poster. Kind regards, Hannah.      |
 |
« Re: drop privileges to nobody is pinging as root
|
Re: drop privileges to nobody is pinging as root »
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT. The time now is 05:07 AM.
