FS#42487 - [shadowsocks] Run as shasowsocks user
Attached to Project:
Community Packages
Opened by Mauro Santos (R00KIE) - Tuesday, 21 October 2014, 20:37 GMT
Last edited by Toolybird (Toolybird) - Thursday, 02 November 2023, 19:51 GMT
Opened by Mauro Santos (R00KIE) - Tuesday, 21 October 2014, 20:37 GMT
Last edited by Toolybird (Toolybird) - Thursday, 02 November 2023, 19:51 GMT
|
Details
It would be useful if a new user:group
(shadowsocks:shadowsocks) was created on install and used to
run shadowsocks.
This change would allow an easy match by user with iptables so that shadowsocks can be restricted not to reach local/private addresses or reach other services running in the same machine. Adding some restrictions such as Private{Tmp,Devices}, ProtectSystem, ProtectHome and NoNewPrivileges to the service file would also be nice to try to make sure shadowsocks does not anything it isn't supposed to do. |
This task depends upon
Closed by Toolybird (Toolybird)
Thursday, 02 November 2023, 19:51 GMT
Reason for closing: Duplicate
Additional comments about closing: Superseded by FS#80141
Thursday, 02 November 2023, 19:51 GMT
Reason for closing: Duplicate
Additional comments about closing: Superseded by
Comment by
Buggy McBugFace (bugbot) - Tuesday,
08 August 2023, 19:11 GMT
This is an automated comment as this bug is open for more then 2
years. Please reply if you still experience this bug otherwise
this issue will be closed after 1 month.