My question is this: I own /home/dougmc/ircd/ircd, so I can change it in any way I want. Is it possible to alter it in such a way that it takes this open fd to port 194 and abuses it, perhaps uses it to spoof a rlogin or rsh? No, but what is theoretically possible is that someone could use ircd to run arbitrary programs as the irc user. Even if you run it as a special user and in a chroot shell, there's a small possibility of abuse... for instance, say you run nntpd and have some private local groups you don't want exported, then if someone ran a proxy nntp port bouncer, they could access your local groups because the call would appear to be from a local user rather than the real remote host. However, if the rest of your system is set up properly, what you suggest above is no more dangerous than giving strangers a guest shell. If you allow outsiders on your machine anyway, it shouldn't be a problem. If you think your machine is only ever used by trusted insiders, it could be a problem. G