List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
On 10/8/06, 7v5w7go9ub0o <7v5w7go9ub0o@...> wrote:
> It is my understanding that dhcpcd client requires root or a
> privileged user. Am presently running dhcpcd in a chroot jail (ssp and
> grsecurity-hardened kernel) as user root (ugh). (This is a laptop used
> at hotspots, so I think I need to use dhcp).
Not all dhcp clients run has root.
in ubuntu linux, the dhclient is running with "daemon" user.
I haven't looked carefully how to acomplish this in gentoo.. but I will.
> Other distributions distribute dhcpcd with a "paranoia" patch incorporated
> which allows the dropping of privilege and changing of user/group after startup.
It would be nice to have that integrated.
> 1 Does Gentoo have an "official" way to apply this patch.
> 2 Presuming that it doesn't, I guess that I'll ebuild unpack: patch
> the source manually; ebuild merge !?
> 3. Are there other ways to deal with this potential vulnerability
> (privileged process listening on an open port (68) )? (e.g. using
> selfdhcp and effecting a manual connection?)
privilege revocation/separation on the aplication in case seems the better way.
> TIA, newbie
> firstname.lastname@example.org mailing list
Miguel Sousa Filipe
email@example.com mailing list