Package: git-daemon-run
Severity: wishlist

It looks to me like git-daemon-run creates a listening service running
git-daemon as the superuser.

I've set up similar runit-supervised git-daemon instances that operate
as a non-privileged user and they work fine (at least for
publication).  Using a non-privileged user seems like a more secure
approach.

Is there a specific reason to have git-daemon-run launch git-daemon as
root?  If the package creates the gitlog user, why not also create
git-data (by analogy with www-data) or something similar, and launch
the service that way?

Or am I misunderstanding git-daemon-run somehow?

Regards,

        --dkg

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (101, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.25-2-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


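One way to check the concern raised in this report, as an added example that is not part of the original message or of the git-daemon-run package: a small shell lint that reads a runit run script and reports whether git-daemon is started as root. The sample run scripts and the /srv/git path are constructed for illustration, and git-data is used only because the report proposes that name.

```shell
#!/bin/sh
# Added example, not the git-daemon-run package's script: classify a runit
# "run" script by the user it starts git-daemon as. Recognised privilege drops:
# runit `chpst -u user`, daemontools `setuidgid user`, git-daemon `--user=`.
# `chpst -U` only exports $UID/$GID and does not change uid, so it is ignored.

# classify_run_script FILE -> prints unprivileged | root | no-git-daemon
classify_run_script() (
    set -f                      # no globbing while word-splitting script lines
    verdict=no-git-daemon
    # `read` without -r joins backslash-continued lines, as the shell would.
    while read line || [ -n "$line" ]; do
        case $line in '#'*) continue ;; esac
        tool=; prev=; user=; seen=no
        for w in $line; do
            if [ "$seen" = no ]; then
                case $tool:$prev in chpst:-u|setuidgid:setuidgid) user=$w ;; esac
                case $w in
                    chpst|setuidgid) tool=$w ;;
                    -u?*) if [ "$tool" = chpst ]; then user=${w#-u}; fi ;;
                    git-daemon|*/git-daemon) seen=yes ;;
                    daemon) if [ "$prev" = git ]; then seen=yes; fi ;;
                esac
            else
                case $w in --user=?*) user=${w#--user=} ;; esac
            fi
            prev=$w
        done
        if [ "$seen" = yes ]; then
            user=${user#:}      # chpst accepts [:]user[:group]
            case ${user%%:*} in
                ''|root|0) verdict=root; break ;;
                *) verdict=unprivileged ;;
            esac
        fi
    done < "$1"
    printf '%s\n' "$verdict"
)

# Constructed sample run scripts; "git-data" is the account name proposed above.
write_samples() {
    printf '%s\n' '#!/bin/sh' 'exec 2>&1' "echo 'git-daemon starting.'" \
        'exec git-daemon --verbose --base-path=/srv/git /srv/git' > "$1/run.root"
    printf '%s\n' '#!/bin/sh' 'exec 2>&1' 'exec chpst -u git-data \' \
        '  git-daemon --verbose --base-path=/srv/git /srv/git' > "$1/run.dropped"
}

# Stand-alone use: pass the path of a run script as the first argument.
if [ -n "${1:-}" ]; then classify_run_script "$1"; fi
```

git-daemon's default port, 9418, is above 1024, so binding the listening socket does not by itself require root.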

