This patch (against the current CVS tree) is intended to add secure
configuration to icecast 'out of the box'. It adds two configuration
directives, 'icecast_user' and 'chroot_dir'. These are
intended to be
used together to reduce the privileges icecast runs under to the
minimum necessary. When this is enabled and run as root icecast will
enter the specified chroot jail and drop privileges to the user
specified.
The chroot_dir option will probably not work if --enable-fsstd is
specified, although I haven't actually tried it.
I would appreciate any comments and suggestions.
Cheers,
Steve
--- >8 ----
List archives: http://www.xiph.org/archives/
icecast project homepage: http://www.icecast.org/
To unsubscribe from this list, send a message to
'icecast-request@xiph.org'
containing only the word 'unsubscribe' in the body. No subject is
needed.
Unsubscribe messages sent to the list will be ignored/filtered.
