auid

Russell Coker russell at coker.com.au
Sun Feb 12 07:39:20 UTC 2006


On Friday 10 February 2006 05:23, Steve G <linux_4ever at yahoo.com> wrote:
> >That might break any alternatives to these programs, e.g. from Fedora
> >Extras, such as proftpd, wouldn't it?
>
> Proftpd has never been modified (by us) to set the loginuid. Not that it
> can't be done...it just hasn't.

Steve, I think that Paul interpreted your message to mean that only vsftpd 
would be permitted to change the auid while other ftp daemons would not.

Paul, the way these things work is that we (generally) have all daemons that 
perform a particular service running with the same security context.  
Therefore if vsftpd is permitted to change the auid then proftpd will also be 
permitted to do that.  As Steve points out someone has to write the 10 line 
patch to proftpd to make it do so (and we have no immediate plans to do so).

If anyone wants to contribute some code for this then it would be appreciated.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page




More information about the fedora-devel-list mailing list