[icecast] [PATCH] Configurable privileges and chroot jail
Steve Smith
steve.smith at isay.com.au
Tue Apr 24 02:05:49 UTC 2001
Hi,
I have now posted my patch to enter a chroot jail and drop unnecessary
privileges to the icecast-dev list. This is a 'works for me' level
patch against CVS, so testing and comments are welcome.
> From the posting:
This patch (against the current CVS tree) is intended to add secure
configuration to icecast 'out of the box'. It adds two configuration
directives, 'icecast_user' and 'chroot_dir'. These are intended to be
used together to reduce the privileges icecast runs under to the
minimum necessary. When this is enabled and run as root icecast will
enter the specified chroot jail and drop privileges to the user
specified.
The chroot_dir option will probably not work if --enable-fsstd is
specified, although I haven't actually tried it.
I would appreciate any comments and suggestions.
Cheers,
Steve
--- >8 ----
List archives: http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
containing only the word 'unsubscribe' in the body. No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.
More information about the Icecast
mailing list