Gentoo Archives: gentoo-security

From: 7v5w7go9ub0o <7v5w7go9ub0o@×××××.com>
To: gentoo-security@l.g.o
Cc: gentoo-hardened@l.g.o
Subject: [gentoo-security] Securing dhcpcd (client)
Date: Sun, 08 Oct 2006 21:34:36
It is my understanding that dhcpcd client requires root or a
privileged user. Am presently running dhcpcd in a chroot jail (ssp and
grsecurity-hardened kernel) as user root (ugh). (This is a laptop used
at hotspots, so I think I need to use dhcp).

Other distributions distribute dhcpcd with a "paranoia" patch incorporated


which allows the dropping of privilege and changing of user/group after startup.


1 Does Gentoo have an "official" way to apply this patch.

2 Presuming that it doesn't, I guess that I'll ebuild unpack: patch
the source manually; ebuild merge !?

3. Are there other ways to deal with this potential vulnerability
(privileged process listening on an open port (68) )?  (e.g. using
selfdhcp and effecting a manual connection?)

TIA, newbie
gentoo-security@g.o mailing list


Subject Author
Re: [gentoo-security] Securing dhcpcd (client) "Brian G. Peterson" <brian@×××××××××.com>
[gentoo-security] Re: [gentoo-hardened] Securing dhcpcd (client) Miguel Figueiredo Mascarenhas Sousa Filipe <miguel.filipe@×××××.com>
[gentoo-security] Re: [gentoo-hardened] Securing dhcpcd (client) Miguel Figueiredo Mascarenhas Sousa Filipe <miguel.filipe@×××××.com>