Received: (at submit) by bugs.debian.org; 6 Nov 2000 22:03:01 +0000
From raszi@great.expectations.netfoo.org Mon Nov 06 16:03:01 2000
Return-path: <raszi@great.expectations.netfoo.org>
Received: from tty-53.nas1.euroweb.hu (great.expectations) [::ffff:193.226.222.53] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 13suM0-0003E6-00; Mon, 06 Nov 2000 16:03:00 -0600
Received: from raszi by great.expectations with local (Exim 3.16 #1 (Debian))
	id 13suLw-0000Tn-00; Mon, 06 Nov 2000 23:02:56 +0100
From: KARASZI Istvan <raszi@great.expectations.netfoo.org>
Subject: mrtg: why run mrtg with privileged user?
To: submit@bugs.debian.org
X-Mailer: bug 3.3.7
Reply-To: raszi@bigfoot.com
Message-Id: <E13suLw-0000Tn-00@great.expectations>
Date: Mon, 06 Nov 2000 23:02:56 +0100
Delivered-To: submit@bugs.debian.org

Package: mrtg
Version: 2.8.12-2
Severity: wishlist

Hello,

 i think it's enough, when mrtg run with non-privileged user (like www-data),
 because it's already enough for most read things (snmpd, /proc/ files, etc.).
 And this is maybe a possible sechole. It's not a coincidence, that i suggest
 www-data user, because with apache's default config httpds runs with this.

 Thanks:
 RASZi

-- System Information
Debian Release: woody
Kernel Version: Linux great.expectations 2.2.17 #1 Sat Oct 28 16:28:41 CEST 2000 i686 unknown

Versions of the packages mrtg depends on:
ii  freetype2      1.3.1-1        The FREE TrueType Font Engine, shared librar
ii  libc6          2.1.96-1       GNU C Library: Shared libraries and Timezone
ii  libgd1         1.8.3-3        GD Graphics Library
ii  libjpeg62      6b-1.2         The Independent JPEG Group's JPEG runtime li
ii  libpng2        1.0.8-1        PNG library - runtime
ii  libsnmp-sessio 0.79-1         Perl support for accessing SNMP-aware device
ii  xlib6g         4.0.1-1        pseudopackage providing X libraries
ii  zlib1g         1.1.3-11       compression library - runtime
ii  xlibs          4.0.1-1        X Window System client libraries
	^^^ (Provides virtual package libxpm4)
ii  perl-5.005     5.005.03-7.1   Larry Wall's Practical Extracting and Report
	^^^ (Provides virtual package perl5)

--- Ignoring conffile /etc/mrtg.cfg (not world readable)

--- Begin /etc/cron.d/mrtg (modified conffile)
0-55/5 *	* * *	www-data	if [ -x /usr/bin/mrtg ]; then /usr/bin/mrtg /etc/mrtg.cfg; fi

--- End /etc/cron.d/mrtg