Date: Mon, 16 Nov 1998 09:49:04 -0800 (PST) From: Marc Slemko <marcs@znep.com> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Would this make FreeBSD more secure? Message-ID: <Pine.BSF.4.05.9811160946180.12077-100000@alive.znep.com> In-Reply-To: <199811161055.CAA18393@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 16 Nov 1998, Matthew Dillon wrote: > I wonder how many other programs can be trivially fixed like that. > Certainly sendmail does not need to be run as root, yet it is in > /usr/src/etc/rc. lpd ? Why in gods name does lpd need to be run > as root? It is easy to say that things don't have to run as root, but for many of them that just isn't true without losing functionality. If sendmail doesn't run as root, you can't deliver user mail to programs. If lpd doesn't run as root, it can't read non-world-readable files printed with -s. etc. Every few months we go through this. Sure, some programs can be fixed. But it isn't as easy as magically saying "I don't think this program should need root". To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9811160946180.12077-100000>