Date: Tue, 19 Feb 2002 11:20:37 -0500 From: Ken Stailey <kstailey@surfbest.net> To: Alan Eldridge <alane@geeksrus.net> Cc: klh@panix.com, FreeBSD ports list <ports@freebsd.org> Subject: Re: klh10 and its port submissions Message-ID: <3C727B55.10801@surfbest.net> References: <3C6FC9EF.9040900@surfbest.net> <3C703170.5040502@surfbest.net> <200202180001.g1I01Og20036@wwweasel.geeksrus.net> <3C726171.8050603@surfbest.net> <20020219152538.GB17665@wwweasel.geeksrus.net> <3C727732.10003@surfbest.net> <20020219161105.GA19555@wwweasel.geeksrus.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Alan Eldridge wrote: >On Tue, Feb 19, 2002 at 11:02:58AM -0500, Ken Stailey wrote: > >>Alan Eldridge wrote: >> >>>Suggest group "wheel" instead. IE you must be able to su to root (at least >>>in principle) in order to run it. >>> >>But Alan: >> >>kstailey@hermes$ ls -l /usr/sbin/ppp >>-r-sr-xr-- 1 root network 307808 Jan 26 08:14 /usr/sbin/ppp >> > >I guess I'm looking at it from the perspective of a *user* running it. >Network is a daemon account. > We are not talking about the network account but the network group. It makes a big difference. > Wheel is the group you have to be in to su >to root. And since it's a potentially dangerous program, it seemed logical >to me to need to be in the "trusted" group to be able to run it. > ppp uses ID0 wrappers around system calls to limit its use of root privledges. We can't go there now because klh-10 uses popen(3). I expect to fix that someday. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C727B55.10801>