Package: whitelister Severity: wishlist Version: 0.4-3 Just a suggestion: Currently, to use unix sockets, the changed-to uid must be modified and a directory established owned by that user, or the daemon is set to run as root.
If privileges were dropped _after_ the unix socket was established, then the socket could be bound successfully and the daemon would still end up as 'nobody'. Currently the socket will be _unlinked_ before privileges are dropped, and the .pid file created. So it's only the actual socket creation that's an issue. I can see that binding to an INET socket might not be desirable behaviour as root, so maybe this behaviour could differ by socket type? -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable'), (950, 'unstable'), (900, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.12 Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) -- Paul "TBBle" Hampson, [EMAIL PROTECTED] 8th year CompSci/Asian Studies student, ANU Shorter .sig for a more eco-friendly paperless office.
pgpwTn0p4bJiK.pgp
Description: PGP signature
