[icecast] A few Newbie Questions

Andrew M. Wu andrewwu at Princeton.EDU
Sun Feb 25 20:08:16 UTC 2001 


One question though - how do I create a pseudo user?

Thanks,

Andrew

On Sun, 25 Feb 2001, Michael Faurot wrote:

> In article <983130226.25873 at phzzzt.atww.org> you wrote:
> 
> : 1) With regards to the recent buffer-overflow exploit and the
> : recommendation of running icecast as a non-root user, how exactly does
> : one do that?
> 
> I do it via "su".  I use a pseudo user named "ice" and have this in a
> shell program that starts icecast:
> 
> 	exec su --login -c "/usr/local/icecast/bin/icecast" ice &
> 
> NOTE: root needs to run this, so it won't be prompted for a password.
> Once run, the icecast process itself will be owned by user "ice".
> 
> : I've compiled icecast with both encryption and tcp_wrappers enabled.
> : I've added to my /etc/hosts.deny file the line
> [...]
> : I believe that those files however are readable only by root
> 
> They shouldn't be.  Generally /etc/hosts.allow and /etc/hosts.deny have
> permissions of 644 and owned by user root and group root.  This will be
> fine if icecast is run as an unprivledged user as it only needs to be
> able to read those files--not write or modify them.
> 
> -- 
> ------------------------------------------------------------------------------
>  Michael | mfaurot  | You have the power to influence all with whom you come
>  Faurot  | atww.net | in contact.
> 
> --- >8 ----
> List archives:  http://www.xiph.org/archives/
> icecast project homepage: http://www.icecast.org/
> To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
> containing only the word 'unsubscribe' in the body.  No subject is needed.
> Unsubscribe messages sent to the list will be ignored/filtered.
> 

--- >8 ----
List archives:  http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
containing only the word 'unsubscribe' in the body.  No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.

More information about the Icecast mailing list