Hi, On Thu, Sep 19, 2002 at 10:21:38AM +0100, Martyn Ranyard wrote: > On Thursday 19 September 2002 00:15, Robert Kleemann wrote: > > I've been banging my head on this all afternoon so it's time to seek > > help. > > > > Summary: saned runs fine as a standalone server (saned -d128) but > > fails when run from xinetd. > > I had a very similar problem when I forgot to create the sane user and group. > according to the installation notes, these are saned and saned, but it never > mentioned creating them.
There is at least a hint in the saned manpage: "Note that both examples assume that there is a saned group and a saned user.". Any proposals to make that line more clear? > I believe I fixed it by setting the id in inetd to root root. This may be a > security hole, but we have a good firewall, and if anyone gets past it, them > being able to use the scanner is the least of our problems. The reason for saned not beeing root is that a possible bug in saned or any backend would be more severe in this case. E.g. a backend that accidently allows to read any file could transmit /etc/shadow if run as root. Bye, Henning
