Date: Tue, 10 Dec 2002 11:28:37 -0800 (PST) From: Duckbreath <duckbreath@yahoo.com> To: freebsd-security@freebsd.org Subject: Privsep Message-ID: <20021210192837.88790.qmail@web41302.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hi! I know awhile back there was a little rucus and next thing I knew it, I was getting 'sshd' and 'www' users in my group with the newest versions of the FreeBSD RELEASE. Hip hip hooray! These look useful. I should of used them earlier -- if I knew how. Anyway, the status quo is I'm still running too much under root and I want to take advantage of this priv sep business. Now I went searching through the handbook, and here is what I concluded: 1) It is not in the handbook, OR 2) I am very lousy at going through the handbook. So how do I get sshd to run off the sshd user? Would apache be cooperative with the www user as well, or is that more tricky? These are not ports I'm using -- I like to download from source directly from the ssh/apache folks. So umm.. how do I get this privsep thing going for me? Sorry about the Yahoo account (and the do you Yahoo!? signature you are about to receive), but I don't want to lure every scripter and blackhat in the known universe to run screaming 'root daemon! root daemon! attack attack!!!'.... __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021210192837.88790.qmail>