On Wed, Mar 01, 2000 at 03:44:44PM -0500, ari <[EMAIL PROTECTED]> wrote: > > Personally, i believe that running files as their own separate user is not good > enough; if at all possible, services should be in their own chroot()'ed > environment. There is no excuse for named to run either as root or > system-wide. There is no excuse for database servers to run either as root or > system-wide. Most of these programs which are commonly used by crackers to > fully compromise systems can be reasonably secured as-is, without even doing a > major rewrite (though a major rewrite would obviously be the best COA for the > program authors if they wish to provide real security). Another problem is that even normal users can't run untrusted programs without giving the programs access to their files and the network. This is getting to be a real problem as game and media programs are starting to do some very unfriendly things.
- RE: A complete log rolling & reporting system? Dave Sill
- RE: A complete log rolling & reporting system? Pavel Kankovsky
- RE: A complete log rolling & reporting sys... Russell Nelson
- RE: A complete log rolling & reporting... Pavel Kankovsky
- RE: A complete log rolling & repor... Russell Nelson
- RE: A complete log rolling & reporting sys... Dave Sill
- RE: A complete log rolling & reporting... Pavel Kankovsky
- RE: A complete log rolling & repor... Dave Sill
- Unix as it should be Russell Nelson
- Re: [qmail] Unix as it should be ari
- Re: Unix as it should be Bruno Wolff III
- Re: Unix as it should be Pavel Kankovsky
- Re: Unix as it should be Chris Garrigues
- Re: Unix as it should be Henri J. Schlereth
- Re: Unix as it should be (OT) Jon Rust
- Re: Unix as it should be (OT) Chris Garrigues
- Re: A complete log rolling & reporting system? Mark E. Drummond
- Re: A complete log rolling & reporting system?... vogelke
- Re: A complete log rolling & reporting sys... Mark E. Drummond
