On Tue, Jun 04, 2013 at 12:43:08PM +0200, helix84 wrote: > OK, I didn't mean to start a discussion, just wanted to give you a > point to think about, so let me just repeat the single point I made: > > In the particular common case I described, there is no difference in > risk (neither its likelihood nor its impact) between compromising the > tomcat account and the root account.
I think I disagree. root can do anything, while service accounts are usually carefully limited, and can't create new accounts, replace system software, etc. Compromise Tomcat and you've compromised Tomcat; compromise root and you've taken over the machine, and can take arbitrary actions within the security perimeter. In the DSpace context, would it be fair to say that, while developers take reasonable care, DSpace is not tested to run as root and should not be so used? -- Mark H. Wood, Lead System Programmer [email protected] Machines should not be friendly. Machines should be obedient.
signature.asc
Description: Digital signature
------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
