standalone-nnrpd "dies" when hitting ressource limits

Russ Allbery rra at
Wed Jul 12 05:45:40 UTC 2000

Moved to inn-workers.

Sven Paulus <sven at> writes:

> Another idea: Why are we running nnrpd as user "news"? The only cause I
> can think of is to spool articles which couldn't be transmitted to
> innd. If we add (optionally) another user we could seperate DoS problems
> like the one mentioned (some users opening some hundred connections to
> nnrpd).

That's not at all a bad idea.  And if the other user were in group news,
it could still have access to the local posting socket and the like, and
one could even just make /news/incoming group-writeable (which I don't
believe opens any additional security problems).

Russ Allbery (rra at             <>

More information about the inn-workers mailing list