Re: startup error for pflogd

From: Will Andrews <will_at_csociety.org>
Date: Mon, 21 Jun 2004 11:17:29 -0500
On Mon, Jun 21, 2004 at 04:39:10PM +0200, Max Laier wrote:
> I'll try to explain the reasoning behind this. If there are a zillion 
> processes all owned by nobody:nogroup and an attacker manages to obtain 
> control over one of them, the rest might be easy/easier prey. The evildoer 
> will have better chances to obtain critical resources and maybe root in the 
> end.

I think this is a good approach.  In fact, that's what I do on my
public mirror servers, i.e. allocate dedicated users for specific
tasks to eliminate privilege escalation through them.

Regards,
-- 
wca

Received on Mon Jun 21 2004 - 14:17:30 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:58 UTC