Re: [arch-general] [arch-dev-public] Snort UID / GID

Aaron Griffin wrote: On Thu, Jul 17, 2008 at 10:40 AM, Hugo Doria <[EMAIL PROTECTED]> wrote: Thus this way snort can work out of the box with less privileges. Anyone who wants can put snort to run with another user. And, in any case, this email was just a question. I don't see why people have

Re: [arch-general] [SPAM] [arch-dev-public] two patches for rc.d/network

On Thu, Jul 17, 2008 at 3:27 PM, Aaron Griffin <[EMAIL PROTECTED]> wrote: > On Wed, Jul 16, 2008 at 5:18 AM, James Rayner <[EMAIL PROTECTED]> wrote: >> On Wed, Jul 16, 2008 at 8:12 PM, RedShift <[EMAIL PROTECTED]> wrote: >>> James Rayner wrote: 1) 0001-add-some-useful-error-messages-to-w

Re: [arch-general] [SPAM] [arch-dev-public] two patches for rc.d/network

On Wed, Jul 16, 2008 at 5:18 AM, James Rayner <[EMAIL PROTECTED]> wrote: > On Wed, Jul 16, 2008 at 8:12 PM, RedShift <[EMAIL PROTECTED]> wrote: >> James Rayner wrote: >>> >>> 1) 0001-add-some-useful-error-messages-to-wireless-code.patch >>> Makes the wireless code in rc.d/network output some usefu

Re: [arch-general] [arch-dev-public] Snort UID / GID

"Hugo Doria" <[EMAIL PROTECTED]> writes: > IMHO, we have two options: > > 1) Create a "snort" user/group and provide a package with fewer > privileges by default (users can change that if they want) > 2) Run snort as "nobody" and put a message in snort.install showing > how to change the user/grou

Re: [arch-general] [arch-dev-public] Snort UID / GID

The problem of using the user "nobody" is that if it is used for various services, and one of these is compromised it can also affect snort. IMHO, we have two options: 1) Create a "snort" user/group and provide a package with fewer privileges by default (users can change that if they want) 2) Run

Re: [arch-general] [arch-dev-public] Snort UID / GID

On Thu, Jul 17, 2008 at 10:40 AM, Hugo Doria <[EMAIL PROTECTED]> wrote: > Thus this way snort can work out of the box with less privileges. > Anyone who wants can put snort to run with another user. > > And, in any case, this email was just a question. I don't see why people have such an issue wit

Re: [arch-general] [arch-dev-public] Snort UID / GID

Thus this way snort can work out of the box with less privileges. Anyone who wants can put snort to run with another user. And, in any case, this email was just a question. -- Hugo

Re: [arch-general] [arch-dev-public] Snort UID / GID

Hugo Doria wrote: On Thu, Jul 17, 2008 at 10:27 AM, RedShift <[EMAIL PROTECTED]> wrote: Why can't the users themselves create a snort uid/gid... As the snort itself will run with the snort user/group is better create them during the installation. -- Hugo Why is it better to creat

Re: [arch-general] [arch-dev-public] Snort UID / GID

On Thu, Jul 17, 2008 at 10:27 AM, RedShift <[EMAIL PROTECTED]> wrote: > Why can't the users themselves create a snort uid/gid... As the snort itself will run with the snort user/group is better create them during the installation. -- Hugo

Re: [arch-general] dnsutils/bind

Am Mittwoch, 16. Juli 2008 06:03:18 schrieb Abhishek Dasgupta: > As for pdnsd, it seems to be not affected, but there's no clear place where > I can find a reference to that other than gentoo bugs: > > http://bugs.gentoo.org/show_bug.cgi?id=231285 Thanks for your hint. :-) -- http://www.archlinu

Re: [arch-general] [arch-dev-public] Snort UID / GID

Hugo Doria wrote: I've updated the snort package. The package is now working well, but I have a question: I am creating a snort user and group during the package installation. Should we reserve a UID / GID to it? I think this is important because snort should run with fewer privileges since it c