From: Rick Moen (rick at domain linuxmafia.com)
Date: Tue 25 Jun 2002 - 03:16:50 IST
Quoting Paul Kelly (longword at domain esatclear.ie):
> Maybe I'm reading it wrong, but to me that message reads like 'We don't
> care to fix this bug right now, go use PrivSep even though it doesn't
> work quite right yet'. And Theo wonders why people don't get on well
> with him...
Well, to the extent that PrivSep works, it means that any remote exploit
would have to break out of a non-root-authority process's chroot jail.
Which is better than nothing.
I have 3.3p1 running with "UsePrivilegeSeparation yes" on Linux since
this morning, and it seems to work so far.
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:17:29 GMT