Date: 22 Jan 2002 14:05:20 -0000
To: gopher@complete.org
From: Robert Hahn
Subject: [gopher] Re: Security issues in Gopher?

> > pretty sound to me (ie: user 'nobody' can't really do a whole lot of
> > damage) so I'm wondering what it would take for me to run gopherd as
> > nobody - and better still, why people are running it as root.
>
> You can not only run gopherd as nobody (see -u) but you can also run
> it chroot, which is more than you get with Apache even.

Interesting. I manned chroot last night, which gave me a clear answer as to what and how, but, as is typical with all man pages, lacks a 'why'. :P

So, can you explain what the significance of chroot* is and how it increases security? Especially as it compares to running a server either as 'nobody' or (horrors) root?

* I don't know what your manpage says, but mine says that chroot simply changes the location of the root home folder.

Or... point me to a resource that would do as well?

thx,
-rh