Ken Williams wrote:
But then are we to assume that the programs are getting written in the production environment, and put into place for execution without testing or code audits? again the discussion was about running as a privileged user for every day activities (granted we are way off the original topic which didn't start out as this, but that is where it had been taken), and naturally a program can cause damage when run in a privileged manner, but that damage should be prevented several phases before being put into a place where damage can be caused.On Monday, November 18, 2002, at 06:13 AM, Wiggins d'Anconia wrote:Heather Madrone wrote:Most of my career was spent as a C/C++ systems programmer. The damage I can do with a command line as root is nothing compared to the damage I can do with a C compiler.
This makes no sense? Compiling as a non-root user can cause more damage than a root enabled user?
She's saying that she's writing systems programs, which (when run) can cause a great deal of damage if they contain errors or malicious code.
http://danconia.org
