18 Jul
2008
18 Jul
'08
3:47 a.m.
Aaron Griffin wrote:
On Thu, Jul 17, 2008 at 10:40 AM, Hugo Doria <hugodoria@gmail.com> wrote:
Thus this way snort can work out of the box with less privileges. Anyone who wants can put snort to run with another user.
And, in any case, this email was just a question.
I don't see why people have such an issue with creating UIDs/GIDs out of the box. I don't have a problem with it, as long as we don't do it on every flippin package under the sun. Is it possible to use 'nobody' for snort, or is there a security risk there too?
Have I heard someone saying "sensible defaults" ? Armando