> Jack O'Quin wrote: >> Temporarily dropping privileges gains no security whatsoever. It is >> nothing more than a coding convenience.
Peter Williams <[EMAIL PROTECTED]> writes: > Yes, to help avoid accidentally misusing the privileges. >> The program remains *inside* the system security perimeter. > > Which is why you have to be careful in writing setuid programs. Which is why I'd rather not run an inherently insecure program like jackd with root privileges. I can live with a cracker crashing my audio workstation with a DoS attack using realtime privileges. I'll just have to reboot. But, I do not want him turning my mail server into a spam relay. -- joq - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
