> Jack O'Quin wrote:
>> Temporarily dropping privileges gains no security whatsoever.  It is
>> nothing more than a coding convenience.

Peter Williams <[EMAIL PROTECTED]> writes:
> Yes, to help avoid accidentally misusing the privileges.

>> The program remains *inside* the system security perimeter.
>
> Which is why you have to be careful in writing setuid programs.

Which is why I'd rather not run an inherently insecure program like
jackd with root privileges.  

I can live with a cracker crashing my audio workstation with a DoS
attack using realtime privileges.  I'll just have to reboot.  But, I
do not want him turning my mail server into a spam relay.
-- 
  joq
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to