[icecast] icecast on port 80 NOT as root
Bryan Jay Miller
bryan at woxy.com
Thu Aug 22 18:49:40 UTC 2002
Thanks for the tips. I did find a detailed article on how to run Icecast
1.3.x in a chroot jail at incidents.org (actually it's in Google's
cache, couldn't find it on incidents.org site anymore):
http://216.239.37.100/search?q=cache:8Jnwn-j8Yh4C:www.incidents.org/protect/borland.php+icecast+chroot+jail&hl=en&ie=UTF-8
It doesn't really solve the problem of running Icecast 1 on a privileged
port as the process would have to chroot *after* binding to the port but
interesting nonetheless.
Moritz - Thanks for the tip on Icecast2. I must have totally overlooked
that Icecast2 does both chroot and setuid... very important features
IMO. I updated my source from CVS and chroot and setuid worked like a
charm. Streaming Vorbis on port 80 right now not running as root.
One question. The <changeowner><user><group> settings are self
explanatory but what about the <chroot> directive. The value in the
default icecast.xml is 0. Does it take an absolute path or boolean value
and then use <basedir> as the chroot value?
-Bryan
--- >8 ----
List archives: http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to 'icecast-request at xiph.org'
containing only the word 'unsubscribe' in the body. No subject is needed.
Unsubscribe messages sent to the list will be ignored/filtered.
More information about the Icecast
mailing list