[icecast] [PATCH] Configurable privileges and chroot jail

Steve Smith steve.smith at isay.com.au
Tue Apr 24 02:05:49 UTC 2001


I have now posted my patch to enter a chroot jail and drop unnecessary
privileges to the icecast-dev list.  This is a 'works for me' level
patch against CVS, so testing and comments are welcome.

> From the posting:

 This patch (against the current CVS tree) is intended to add secure
 configuration to icecast 'out of the box'.  It adds two configuration
 directives, 'icecast_user' and 'chroot_dir'.  These are intended to be
 used together to reduce the privileges icecast runs under to the
 minimum necessary.  When this is enabled and run as root icecast will
 enter the specified chroot jail and drop privileges to the user

 The chroot_dir option will probably not work if --enable-fsstd is
 specified, although I haven't actually tried it.

 I would appreciate any comments and suggestions.


--- >8 ----
List archives:  http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.

More information about the Icecast mailing list