The current code of sispmctl does not effectively drop user privileges
when starting the program as a privileged user.

socket.c:

/* drop priveleges */
uid = getuid();
seteuid(uid);

This should be fixed before using sispmctl as a webserver.

cf.
http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf

Best regards

Heinrich Schuchardt
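
An added example, not part of the original message and not sispmctl's code: a permanent privilege drop that checks every return value and then verifies that root cannot be regained. `drop_privileges` is a hypothetical helper, and taking the target ids from getuid()/getgid() in `main` assumes a setuid-root binary started by an ordinary user.

```c
#define _DEFAULT_SOURCE          /* for setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

/*
 * Permanently switch to target_uid/target_gid (hypothetical helper).
 * Returns 0 on success, -1 if the drop could not be completed or verified.
 */
int drop_privileges(uid_t target_uid, gid_t target_gid)
{
    /* Started directly as root, getuid() is 0: "dropping" to it keeps root. */
    if (target_uid == 0 || target_gid == 0)
        return -1;

    /* Only a privileged process may (and must) clear supplementary groups. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;

    /* Group first: after setuid() we would no longer be allowed to. */
    if (setgid(target_gid) != 0)
        return -1;

    /* With euid 0, setuid() sets real, effective and saved uid together;
     * seteuid() changes only the effective uid and keeps the saved uid. */
    if (setuid(target_uid) != 0)
        return -1;

    /* Verify: the ids match and root cannot be regained. */
    if (getuid() != target_uid || geteuid() != target_uid)
        return -1;
    if (getgid() != target_gid || getegid() != target_gid)
        return -1;
    if (setuid(0) == 0 || seteuid(0) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* Assumption: setuid-root binary, so getuid() is the invoking user. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fprintf(stderr, "refusing to continue: privileges not dropped\n");
        return 1;
    }
    puts("privileges dropped");
    return 0;
}
```

A daemon started directly as root needs a configured unprivileged account as the target instead of getuid(), which is why the helper rejects id 0.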
