[CTX]
[ALL]
external privileged commands
Privileged operations without being superuser
Some operations of DeleGate needs the privilege of super-user, but
running whole DeleGate process under super-user's ability is not
desirable for security. To solve the problem, you can execute DeleGate
by normal user while executing a privileged operation by a small external
program with "set user ID on execution" flag.
Those external subsidiary programs are placed at DGROOT/subin/ by
optional installation.
- dgpam -- to do PAM authentication (AUTHORIZER)
- dgchroot -- to do chroot(2) (CHROOT)
- dgbind -- to do bind(2) to privileged ports
(-P,
SRCIF,
FTP data,
SOCKS server)