On Wed, 18 Aug 1999, Gerd wrote:
> So it seems there must be a solution like the following available to
> avoid setting the whole terminal program UID root:
>
> On the socket listens a daemon with UID root that could be started
> upon system boot or with sudo or something else to assure its root
> permissions. The terminal then must be able to talk to this daemon
> to get information about the actual traffic on the QRG.
>
> Is this a suitable approach or do I miss something here?
I don't see the need for such an elaborate arrangement, at least if the
only reason was to replace the current "listen". Listen has no user
interaction and it should be pretty easy to make sure it has no buffer
overflows or other security risks. So there really isn't any reason a
sysop couldn't make it setuid root if he/she wants to. It's just that now
it isn't setuid root by default.
--
--- Tomi Manninen / [EMAIL PROTECTED] / OH2BNS @ OH2RBI.FIN.EU ---
