proftpd TLS
perryh at pluto.rain.com
perryh at pluto.rain.com
Thu May 21 00:17:24 UTC 2009
alexus <alexus at gmail.com> wrote:
> ... i guess my main concern it not to run it as root now
AFAIK it is normal for a daemon to run as root if it expects to
receive login credentials:
* For any but the most minimal authentication scheme, it must be
root to authenticate the credentials. (A scheme which enables an
untrusted program to authenticate login credentials is vulnerable
to brute-force attacks.)
* Regardless of the authentication scheme, it must be root in
order to assume the identity of the newly logged in user.
More information about the freebsd-questions
mailing list