Privsep
From: Duckbreath (duckbreath@yahoo.com)
Date: 12/10/02
- Next message: Erick Mechler: "Re: Privsep"
- Previous message: Duncan Campbell: "Re: gateway security?"
- Next in thread: Erick Mechler: "Re: Privsep"
- Reply: Erick Mechler: "Re: Privsep"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 10 Dec 2002 11:28:37 -0800 (PST) From: Duckbreath <duckbreath@yahoo.com> To: freebsd-security@freebsd.org
Hi! I know awhile back there was a little rucus and
next thing I knew it, I was getting 'sshd' and 'www'
users in my group with the newest versions of the
FreeBSD RELEASE.
Hip hip hooray! These look useful. I should of used
them earlier -- if I knew how. Anyway, the status quo
is I'm still running too much under root and I want to
take advantage of this priv sep business. Now I went
searching through the handbook, and here is what I
concluded:
1) It is not in the handbook, OR
2) I am very lousy at going through the handbook.
So how do I get sshd to run off the sshd user?
Would apache be cooperative with the www user as well,
or is that more tricky?
These are not ports I'm using -- I like to download
from source directly from the ssh/apache folks.
So umm.. how do I get this privsep thing going for me?
Sorry about the Yahoo account (and the do you Yahoo!?
signature you are about to receive), but I don't want
to lure every scripter and blackhat in the known
universe to run screaming 'root daemon! root daemon!
attack attack!!!'....
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Erick Mechler: "Re: Privsep"
- Previous message: Duncan Campbell: "Re: gateway security?"
- Next in thread: Erick Mechler: "Re: Privsep"
- Reply: Erick Mechler: "Re: Privsep"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
