silc-server does not drop privileges when run in foreground
Daniel Kahn Gillmor
dkg-silc at fifthhorseman.net
Wed Mar 7 08:30:27 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Pekka Riikonen <priikone at iki.fi> writes:
> This is fine except when debugging in enabled (-d or -D) in which
> case we don't want to drop privileges, at least I don't.
Really? Sorting out privilege errors is one of the most common
reasons that i run tools in debug mode. Often i'm debugging a service
which doesn't have appropriate privileges to do something or other,
and i want to get clearer information about what limitations it's
bumping up against. If the process retains superuser privs when i'm
debugging it, any lack-of-privilege errors won't be reproducible. As
a sysadmin, i think that'd make me tear my hair out :)
I suppose it's the difference between debugging a specific
installation on a specific host and debugging the code of the server
itself.
What about debugging the code of the server with User and Group set to
"root" in silcd.conf? Would that do what you need?
--dkg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8+ <http://mailcrypt.sourceforge.net/>
iD8DBQFF7moHiXTlFKVLY2URAgOMAKClgdurwz7QYClHLhFUxtpqNvpSZgCg6vJ3
1QRJFN0qPoeQWSB1aoV7YLk=
=4idX
-----END PGP SIGNATURE-----
More information about the silc-devel
mailing list