Xavier Montero
2004-Aug-06 14:22 UTC
[icecast] Reccomended user? Root or "normal"?
Is there any problem to run icecast as a normal user? I know that if run along with liveice, I'll have to setup /dev/dsp to that user, but what about TCP/IP ports? Will it be able to run normally or I have to run it as root? Will this help in the stability of the system? This would allow a crash to only crash the user's memory space and not the system's space. Any suggestion is welcome. -- Xavier Montero - Digital Sound Items, scp Tel: 93 589 71 91 - Fax: 93 590 10 96 - Cell: 630 59 01 62 www.dsitelecom.com - xmontero@dsitelecom.com --- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.
On Wed, 12 Sep 2001, Xavier Montero wrote: | Is there any problem to run icecast as a normal user? I know that | if run along with liveice, I'll have to setup /dev/dsp to that | user, but what about TCP/IP ports? Will it be able to run normally | or I have to run it as root? I always run icecast as user "nobody", and there's no problems with running it as a non-root user. As long as icecast is using TCP ports that are > 1024, you do no need to be root to bind to them. | Will this help in the stability of the system? This would allow a | crash to only crash the user's memory space and not the system's | space. It will have no effect on stability of the system. Even when you run the app as root, you are using protected memory. /dale --- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.
I run icecast as "nobody". There have been exploits of icecast in the past, so running as root is definitely a serious risk. Mark Is there any problem to run icecast as a normal user? I know that if run along with liveice, I'll have to setup /dev/dsp to that user, but what about TCP/IP ports? Will it be able to run normally or I have to run it as root? Will this help in the stability of the system? This would allow a crash to only crash the user's memory space and not the system's space. --- >8 ---- List archives: http://www.xiph.org/archives/ icecast project homepage: http://www.icecast.org/ To unsubscribe from this list, send a message to 'icecast-request@xiph.org' containing only the word 'unsubscribe' in the body. No subject is needed. Unsubscribe messages sent to the list will be ignored/filtered.