Package: papercut Severity: serious Tags: security It's a bad idea to run any kind of daemon, which is accessible from the outside, as root. While papercut needs to start as root to bind to the nntp port, I can't see any reason why it should not drop it's privileges to handle requests.
-- Bernd Zeimetz <[EMAIL PROTECTED]> <http://bzed.de/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
