List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
It is my understanding that dhcpcd client requires root or a
privileged user. Am presently running dhcpcd in a chroot jail (ssp and
grsecurity-hardened kernel) as user root (ugh). (This is a laptop used
at hotspots, so I think I need to use dhcp).
Other distributions distribute dhcpcd with a "paranoia" patch incorporated
which allows the dropping of privilege and changing of user/group after startup.
1 Does Gentoo have an "official" way to apply this patch.
2 Presuming that it doesn't, I guess that I'll ebuild unpack: patch
the source manually; ebuild merge !?
3. Are there other ways to deal with this potential vulnerability
(privileged process listening on an open port (68) )? (e.g. using
selfdhcp and effecting a manual connection?)
email@example.com mailing list