Which is more secure?

Página superior
Este mensaje es parte del siguiente hilo:
MEl árbol completo de hilos, ordenados por fecha
M 
MJon Peatfield, mensaje del ->
Eliminar este mensaje
Responder a este mensaje
Autor: Chris Bradley
Fecha:  
A: exim-users
Asunto: Which is more secure?
Hi,

I've been pouring over the Exim documentation and source code for
almost a week now and am still confused about one thing...

They're pretty strict about security where I work, so I was trying to
determine which is more secure: setuid or setuid+seteuid.

Now, from some of the articles about security I've been reading, seteuid
is sometimes considered not as secure as setuid.

But, the way Exim is written, does Exim stay in "root" mode longer
in "Setuid" mode than in "setuid+seteuid" mode? That is, if we were trying
to reduce the amount of time the code is running with a uid of root,
would you choose "setuid" or "setuid+seteuid" security mode?

P.S. We are running on Solaris 2.5.1 on Sparc Ultra

Thanks!


Este mensaje se envió a las siguientes listas de correo:
Exim-users
Información de la lista de correo | Mensajes cercanos		<-Re: recipients_max changed between 1.61 and 1.62?Re: Which is more secure?->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)