Marek Michalkiewicz wrote:
>They are needed to create ftp-data sockets (privileged port number).
>That's why ftpd runs (most of the time) with the effective uid of the
>user who is logged in, but real uid 0 (so that it can get root privs
>for a while, to create a socket). But no external program (like ls,
>gzip, tar, ...) needs to run as root - there should be something like
>setgid(getegid()); setuid(geteuid()); between fork and exec in ftpd_popen.
>This would prevent the slackware hole from giving root access.
>
>Comments?

Binding to a privileged port is what inetd is good for. Still no reason for ftpd to be root other than to do a chroot. After the chroot (which should happen in the first few executed statements), ftpd should drop to some other user, like "ftp."

-- William
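
An added example, not part of the original thread or of any ftpd source: the drop between fork and exec that the quoted message proposes, written so the child also gives up the real uid 0 and checks that root cannot be regained before it execs. `drop_privs_permanently` and `run_unprivileged` are hypothetical names, and supplementary groups are assumed to have been set at login.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Permanently become uid/gid. Returns 0 only if real and effective ids
 * match the target afterwards and root can no longer be regained. */
int drop_privs_permanently(uid_t uid, gid_t gid)
{
    /* ftpd's state is euid=user with uid 0 still held in reserve. Take root
     * back first so setgid/setuid below replace the real, effective and
     * saved ids together. */
    if (seteuid(0) != 0) { /* no root was held; nothing to take back */ }
    if (setgid(gid) != 0) return -1;      /* group first, while still root */
    if (setuid(uid) != 0) return -1;
    if (getuid() != uid || geteuid() != uid) return -1;
    if (getgid() != gid || getegid() != gid) return -1;
    /* A drop that can be undone is not a drop: both calls must now fail. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0)) return -1;
    return 0;
}

/* Hypothetical stand-in for the fork/exec step of ftpd_popen: runs path
 * as the logged-in (effective) user and returns its exit status. */
int run_unprivileged(const char *path, char *const argv[])
{
    uid_t uid = geteuid();                /* the logged-in user */
    gid_t gid = getegid();
    int status;
    pid_t pid = fork();

    if (pid < 0) return -1;
    if (pid == 0) {
        if (drop_privs_permanently(uid, gid) != 0)
            _exit(126);                   /* refuse to exec with root left */
        execv(path, argv);
        _exit(127);                       /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    char *const argv[] = { "sh", "-c", "id", NULL };  /* constructed sample command */
    printf("child exit status: %d\n", run_unprivileged("/bin/sh", argv));
    return 0;
}
```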