> Many programs, when run with root privileges, hold on to them only as long as > they're needed and drop them the rest of the time. For example, apache only > needs to be root when it's creating or destroying processes and operates as a > non-privileged user the rest of the time. This way, if there's, e.g., a > buffer overrun in a URI parsing routine, anything that exploits that overrun > has to exploit it as a normal user, not as root. Yeah but xcdroast is just being given root privs externally, it doesn't have any code for that in it does it? --------------------------------------------------------------------- To unsubscribe, e-mail: tclug-list-unsubscribe at mn-linux.org For additional commands, e-mail: tclug-list-help at mn-linux.org