From owner-freebsd-security  Wed Oct 24 23:33:35 2001
Delivered-To: freebsd-security@freebsd.org
Received: from R181172.resnet.ucsb.edu (R181172.resnet.ucsb.edu [128.111.181.172])
	by hub.freebsd.org (Postfix) with ESMTP id 088AC37B405
	for <freebsd-security@freebsd.org>; Wed, 24 Oct 2001 23:33:33 -0700 (PDT)
Received: from localhost (mudman@localhost)
	by R181172.resnet.ucsb.edu (8.11.6/8.11.6) with ESMTP id f9P6aGN18005
	for <freebsd-security@freebsd.org>; Wed, 24 Oct 2001 23:36:16 -0700 (PDT)
	(envelope-from mudman@R181172.resnet.ucsb.edu)
Date: Wed, 24 Oct 2001 23:36:16 -0700 (PDT)
From: Dave <mudman@R181172.resnet.ucsb.edu>
To: <freebsd-security@freebsd.org>
Subject: lowering uids, startup
Message-ID: <Pine.BSF.4.33.0110242313350.17839-100000@R181172.resnet.ucsb.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


I am interested in learning how to start up a program (a 3rd party server
program, a daemon, whatever) automatically from boot up without using
inetd and without using a root uid.

I do know that /usr/local/etc/rc.d/ (mostly from my ports downloads) will
automatically run packages such as ssh and apache, and really anything you
put in there.  Unfortunately, these things initially run as root, so I'm
skeptical about using it.

Are there any good, safe, secure ways to automatically start up third
party services in really low privileged environments?


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message