On Fri, 2003-02-21 at 09:15, Jim Reid wrote:
> >>>>> "Ed" == Ed Sawicki <[EMAIL PROTECTED]> writes:
>
> Ed> I want my systems to be as secure from attack as possible. To
> Ed> me, this means never allowing both functions to be provided by
> Ed> the same codebase.
>
> >> Fine. But by the same reasoning, you wouldn't want to provide
> >> both functions on the same box.
>
> Ed> I can run both processes in the same computer safely because
> Ed> each is running as a different non-root user and each is
> Ed> chrooted to a different place in the file system. If I'm
> Ed> really paranoid, I can run each in its own Linux virtual
> Ed> machine (UML) - all the while using only one IP address.
>
> So what? The stuff is still on just one box. You've still got all your
> eggs in one basket. Albeit a basket with fancy padded compartments. All
> this software ring-fencing isn't going to help if the CPU catches fire
> or someone trips over the power cable and disconnects it, etc, etc.

It sounds like you agree that "ring-fencing" is an effective means of
securing the processes. I've never had a CPU catch fire and my power
cables are not exposed to foot traffic so I rate that risk as low for
my network.

Ed Sawicki <[EMAIL PROTECTED]>
ALC
