Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#42487 - [shadowsocks] Run as shasowsocks user
Attached to Project:
Community Packages
Opened by Mauro Santos (R00KIE) - Tuesday, 21 October 2014, 20:37 GMT
Last edited by Toolybird (Toolybird) - Thursday, 02 November 2023, 19:51 GMT
Opened by Mauro Santos (R00KIE) - Tuesday, 21 October 2014, 20:37 GMT
Last edited by Toolybird (Toolybird) - Thursday, 02 November 2023, 19:51 GMT
|
DetailsIt would be useful if a new user:group (shadowsocks:shadowsocks) was created on install and used to run shadowsocks.
This change would allow an easy match by user with iptables so that shadowsocks can be restricted not to reach local/private addresses or reach other services running in the same machine. Adding some restrictions such as Private{Tmp,Devices}, ProtectSystem, ProtectHome and NoNewPrivileges to the service file would also be nice to try to make sure shadowsocks does not anything it isn't supposed to do. |
This task depends upon
Closed by Toolybird (Toolybird)
Thursday, 02 November 2023, 19:51 GMT
Reason for closing: Duplicate
Additional comments about closing: Superseded by FS#80141
Thursday, 02 November 2023, 19:51 GMT
Reason for closing: Duplicate
Additional comments about closing: Superseded by
Comment by Buggy McBugFace (bugbot) -
Tuesday, 08 August 2023, 19:11 GMT
This is an automated comment as this bug is open for more then 2 years. Please reply if you still experience this bug otherwise this issue will be closed after 1 month.