public inbox for nncp-devel@lists.cypherpunks.ru
Atom feed
From: John Goerzen <jgoerzen@complete•org>
To: nncp-devel@lists.cypherpunks.ru
Subject: Re: Setup on unprivileged accounts
Date: Wed, 04 Aug 2021 07:22:19 -0500 [thread overview]
Message-ID: <87k0l1wgas.fsf@complete.org> (raw)
In-Reply-To: <87lf5hx36j.fsf@complete.org>
On Tue, Aug 03 2021, John Goerzen wrote:
> 2) Perhaps I could lock down the setuid nncp-daemon and have a
> wrapper that
> forces command-line options to a certain set. It sure has some
> elegance to it,
> as it avoids cron entirely (at least for exchange; may still
> need it for
> tossing), but still makes me nervous.
A variant on that one that occurred to me: ssh authorized_keys
with a lot of lockdowns. I could then force the command to be run
with only designated command-line parameters, at least. It still
makes me nervous (ssh!), but less do. People could ssh to
localhost and exchange data that way.
John
next prev parent reply other threads:[~2021-08-04 12:23 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-04 4:08 Setup on unprivileged accounts John Goerzen
2021-08-04 12:22 ` John Goerzen [this message]
2021-08-04 13:50 ` Sergey Matveev
2021-08-04 18:58 ` Jonathan Lane
2021-08-05 4:23 ` John Goerzen