[pkg-dhcp-devel] Bug#793490: Please enable paranoia option for chroot and setuid/setgid
Bernhard Schmidt
berni at birkenwald.de
Fri Jul 24 15:03:36 UTC 2015
Package: isc-dhcp
Version: 4.3.2-1
Severity: wishlist
Hi,
since ISC DHCP 4.1.0 the formerly standalone PARANOIA patch by Ari
Edelkind has been included upstream. It provides additional command
line options for chroot, setuid and setgid. However it needs a
special configure flag for these features.
Please add --enable-paranoia to the configure flags.
I have compile- and runtime tested it on the amd64 architecture.
This configure option has been enabled in SuSE for years and should
be safe for use.
Note that I'm not requesting to use these new features in a default
Debian installation, they should just be compiled into the binary.
Note that there is mentioning of the new arguments in the upstream
manpage for dhcpd(8), I will try to think of something and attach a
patch when I'm done.
Best Regards,
Bernhard
More information about the pkg-dhcp-devel
mailing list