- Invocation from Inetd
Both "nowait" and "wait" status can be specified in inetd.conf.
In "nowait" status, the DeleGate will processes just one request
(session) and exits, thus is ineffective.
In "wait" status, the DeleGate will process multiple requests;
maximum count of request may be limited to N by
- Privileged operations without being superuser
Some operations of DeleGate needs the privilege of super-user, but
running whole DeleGate process under super-user's ability is not
desirable for security. To solve the problem, you can execute DeleGate
by normal user while executing a privileged operation by a small external
program with "set user ID on execution" flag.
Those external subsidiary programs are placed at DGROOT/subin/ by
- dgpam -- to do PAM authentication (AUTHORIZER)
- dgchroot -- to do chroot(2) (CHROOT)
- dgbind -- to do bind(2) to privileged ports