On Fri, Aug 01, 2003 at 04:51:11PM -0400, Chad N. Tindel wrote: > > <RANT>As a programmer, I personally would never write code that kept people from > running things as root. I mean, what is the point? If an administrator
Hmmm? The point is something called security. > wants to run postgresql or apache as root, why shouldn't they be allowed > to make that conscious decision for themselves? As it is, you have to recompile Because administrators have too much to worry about. If an application makes a conscious decision to allow itself to run in a knowingly insecure manner, that application is doing the admin a disfavor, and should be ditched. > apache with some BIG_SECURITY_HOLE defined in order to run as root, which means > you can't just use the out of the box apache rpm. Its so stupid to write > *extra* code that keeps people from doing something that isn't even > fundamentally incorrect.</RANT> This has no logic. Security is fundamental. No security is fundamentally incorrect. -Roberto -- +----| Roberto Mello - http://www.brasileiro.net/ |------+ + Computer Science Graduate Student, Utah State University + + USU Free Software & GNU/Linux Club - http://fslc.usu.edu/ + ---------------/ NO INSPIRATION TODAY /------------------- ---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/docs/faqs/FAQ.html
