Re: [netatalk-admins] Feature Suggestion: AFP/TCP running as user, not root


Subject: Re: [netatalk-admins] Feature Suggestion: AFP/TCP running as user, not root
From: Stefan Bethke (stefan@promo.de)
Date: Thu Nov 13 1997 - 12:09:14 EST


At 16:50 Uhr +0100 13.11.1997, Eugene Cohen wrote:
>As AFP 2.2 compliance (which adds TCP/IP support) starts getting folded
>into netatalk, there should not be the necessity for afpd to run as root.
>In the "old days" AppleTalk was the only transport, so the daemons had to
>run as root to access the raw network hardware.

The limitation in socket(2) should be fairly easy to remove. I would
believe it only got in there because you need root credentials to get a raw
IP socket, so the netatalk team copied that.

>It should be possible now, if afpd is able run only supporting TCP/IP
>connections, to have the daemon run as something other than root. The only
>change that would need to be made would be support for perhaps a custom
>passwd file since many systems now support shadow authentication and only
>the root account can read the shadow file. Is the addition of the ability
>to run as a non-root user feasible given the source base?

Probably not: for the child apfd to become the effective (logged-in) user,
the master afpd must have appropiate privileges, and that usually means uid
0.

What is your objection against running the master afpd as root, besides the
usual wisdom of running as few as possible processes as root?

Stefan

--
Stefan Bethke
Promo Datentechnik      |  Tel. +49-40-851744-18
+ Systemberatung GmbH   |  Fax. +49-40-851744-44
Eduardstrasse 46-48     |  e-mail: stefan@Promo.DE
D-20257 Hamburg         |  http://www.Promo.DE/



This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:28:03 EST