From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev-return-6441-arch-gentoo-dev=gentoo.org@gentoo.org>
Received: (qmail 32597 invoked by uid 1002); 7 Sep 2003 14:39:41 -0000
Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm
Precedence: bulk
List-Post: <mailto:gentoo-dev@gentoo.org>
List-Help: <mailto:gentoo-dev-help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev-unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-dev-subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@gentoo.org
Received: (qmail 17631 invoked from network); 7 Sep 2003 14:39:41 -0000
From: Jan Krueger <jk@microgalaxy.net>
Organization: microgalaxy.net
To: azarah@gentoo.org
Date: Sun, 7 Sep 2003 16:45:10 +0000
User-Agent: KMail/1.5.2
Cc: Gentoo-Dev <gentoo-dev@gentoo.org>
References: <pan.2003.09.06.18.05.15.543497@nonconformity.net> <200309071607.48759.jk@microgalaxy.net> <1062944011.8455.118.camel@nosferatu.lan>
In-Reply-To: <1062944011.8455.118.camel@nosferatu.lan>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200309071645.10513.jk@microgalaxy.net>
Subject: Re: [gentoo-dev] Some suggestions
X-Archives-Salt: d3cbf706-33ff-44c3-a9b4-a5e4d0369c3c
X-Archives-Hash: 9a6a38ec126a43e34e7b73c14a988603

On Sunday 07 September 2003 14:13, Martin Schlemmer wrote:
> But you trust the daemons/programs running with root privs all the
> time ? :D
No, they may contain unknown security holes. So i try hard to limit the amount 
of root daemons first and second try to run only root deamons that drop 
privileges after they did what they had to do as root. And there are options 
available to jail them pretty tight.

On Sun, 2003-09-07 at 16:13, Martin Schlemmer wrote:
> Btw, I think that getting ebuild messages recorded an displayed at the
> end of the merge is also a big part of this whole issue.

Yes, agreed :)

Jan


--
gentoo-dev@gentoo.org mailing list