Hi! I know awhile back there was a little rucus and
next thing I knew it, I was getting 'sshd' and 'www'
users in my group with the newest versions of the
FreeBSD RELEASE.

Hip hip hooray! These look useful. I should of used
them earlier -- if I knew how. Anyway, the status quo
is I'm still running too much under root and I want to
take advantage of this priv sep business. Now I went
searching through the handbook, and here is what I
concluded:
1) It is not in the handbook, OR
2) I am very lousy at going through the handbook.

So how do I get sshd to run off the sshd user?
Would apache be cooperative with the www user as well,
or is that more tricky?

These are not ports I'm using -- I like to download
from source directly from the ssh/apache folks.

So umm.. how do I get this privsep thing going for me?

Sorry about the Yahoo account (and the do you Yahoo!?
signature you are about to receive), but I don't want
to lure every scripter and blackhat in the known
universe to run screaming 'root daemon! root daemon!
attack attack!!!'....

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]