Re: dma user config

["Simon 'corecode' Schubert" <corecode@xxxxxxxxxxxx>]

Matthew Dillon wrote:
>     It is far less safe if you allow the user to exec a suid program.  I
>     really hate SUID binaries and would recommend against them.  A mail
>     front-end, for example, should connect to a service already running
>     as root and NOT itself be a SUID binary.
>
>     If I were to give advise here, it would be 'don't worry about the
>     peformance cost of doing a fork()'.

Oh, sure.  I just also wanted to avoid having to have a process running 
all the time.  Right now every dma instance cares about itself and does 
all queueing, etc.  Once it has done its job, it quits.

Running a setuid root binary or having root starting a setuid process 
doesn't make much of a difference, no?

cheers
  simon

--
Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low €€€ NOW!1  +++      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \