oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Use libcapng to drop all privileges

Browse Source 
except for CAPNG_NET_BIND_SERVICE so we can bind to ports < 1024.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
This commit is contained in:
Guido Günther
2010-02-17 17:23:46 +01:00
committed by Love Hornquist Astrand
parent ec18315352
commit 45a94f309b
4 changed files with 193 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
kdc/Makefile.am
View File

@@ -109,11 +109,12 @@ LDADD = $(top_builddir)/lib/hdb/libhdb.la \
$(LIB_roken) \
$(DBLIB)
kdc_LDADD = libkdc.la $(LDADD) $(LIB_pidfile)
kdc_LDADD = libkdc.la $(LDADD) $(LIB_pidfile) $(CAPNG_LIBS)
if FRAMEWORK_SECURITY
kdc_LDFLAGS = -framework SystemConfiguration -framework CoreFoundation
endif
kdc_CFLAGS = $(CAPNG_CFLAGS)
digest_service_LDADD = \
libkdc.la \