Complete.Org: Mailing Lists: Archives: gopher: July 2002:
[gopher] Re: [Fwd: Re: Gopher+ Suggestion]
Home

[gopher] Re: [Fwd: Re: Gopher+ Suggestion]

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: gopher@xxxxxxxxxxxx, rcooley@xxxxxxxxxxxxx
Subject: [gopher] Re: [Fwd: Re: Gopher+ Suggestion]
From: John Goerzen <jgoerzen@xxxxxxxxxxxx>
Date: Mon, 22 Jul 2002 08:39:22 -0500
Reply-to: gopher@xxxxxxxxxxxx

On Mon, Jul 22, 2002 at 12:58:11AM -0700, R. Cooley wrote:
> 
> I'm way ahead of you.  I've already been using the hostalias feature. 
>  One problem is just that it does make setup more complicated, and 
> Gopher+ less flexible.  My problem is that I choose to run gopherd as a 
> normal user, rather than as Root.  Of course, that prevents the use of 
> any port below 1024.

OK, I've made a patch to pygopherd that adds a new "advertisedport" feature
that will do what you need.  I'm including the patch below; download 3.0.0
and apply the patch to it.  It will go into 3.0.1 when it is released.

PyGopherd lives at gopher://quux.org/1/devel/gopher/pygopherd or
http://quux.org/devel/gopher/pygopherd.

> If I used chroot to secure gopher+, I could use port 70, but I avoid 

The port number had nothing to do with chroot; it has things to do with
root.

> http://sourceforge.net/tracker/index.php?func=detail&aid=567313&group_id=11118&atid=311118

Well, your analysis pits privilege dropping and chroot versus starting as a
non-privileged user and not using chroot.  I don't believe that your "not
trusting the program to properly drop privileges" argument holds water when
you're dealing with software that you have the source code to.  You can
check for yourself to see.  In Pygopherd's case, you can read
pygopherd/initialization.py.  In gopherd's case, you can read gopherd.c and
serverutil.c.

Personally, I would (and do) trust PyGopherd completely.

If you accept as a given that the privilege dropping is done properly, then
I think it is self-evident that chroot mode is more secure than not.

-- John


-- 
John Goerzen <jgoerzen@xxxxxxxxxxxx>    GPG: 0x8A1D9A1F    www.complete.org


[Prev in Thread] Current Thread [Next in Thread]