> When you actually look at using such restrictions, you often run
> into enough problems to give up.
>
> For example, say you allowd a "httpd" user to bind to port 80, then
> you ran Apache as httpd. So far so good; it can bind to the port,
> it can serve requests, no longer needs to be started by root.
>
HTTP wasn't my first thought, sendmail was.
IMO It's not a fix all sollution but it will fix some problems.
Gerhard
-- Gerhard Mack irc admin centurion.starchat.netgmack@imag.net innerfire@starchat.net
As a computer I find your faith in technology amusing.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu