Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Tue, 24 Apr 2001 09:34:48 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Tue, 24 Apr 2001 09:34:38 -0400 Received: from viper.haque.net ([66.88.179.82]:64690 "EHLO mail.haque.net") by vger.kernel.org with ESMTP id ; Tue, 24 Apr 2001 09:34:30 -0400 Date: Tue, 24 Apr 2001 09:34:17 -0400 (EDT) From: "Mohammad A. Haque" To: cc: "Mike A. Harris" , Subject: Re: [OFFTOPIC] Re: [PATCH] Single user linux In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 24 Apr 2001, Tomas Telensky wrote: > :-) Great. > You and Alex are right - I agree that this is a complete moronism. > > But, what I should say to the network security, is that AFAIK in the most > of linux distributions the standard daemons (httpd, sendmail) are run as > root! Having multi-user system or not! Why? For only listening to a port > <1024? Is there any elegant solution? If your distro is runnign httpd as root you may want to give them a nice swift kick in the behind. By default apache is configured to run as nobody. Dunno about sendmail. Correct. <1024 requires root to bind to the port. -- ===================================================================== Mohammad A. Haque http://www.haque.net/ mhaque@haque.net "Alcohol and calculus don't mix. Project Lead Don't drink and derive." --Unknown http://wm.themes.org/ batmanppc@themes.org ===================================================================== - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/