Steve Brewin escribió:
Achieving sysadm trust is not the same as achieving a maximally hardened
solution. Perhaps James could achieve a level of trust from some Unix
sysadms by making it possible to mirror the deployment environments that
they trust. Fine. But as developers we shouldn't be blind
Santiago Gala wrote:
I think a good equilibrium point between the marketing view of
security (making sysadms trust) and purist java technical view would be
to allow James not having to run as root under Unix (to handle protected
ports like 25, 110, etc.) and then securing the rest of the
On Wednesday, July 2, 2003, at 10:46 AM, Serge Knystautas wrote:
Santiago Gala wrote:
I think a good equilibrium point between the marketing view of
security (making sysadms trust) and purist java technical view would
be to allow James not having to run as root under Unix (to handle
protected
On Wednesday, July 2, 2003, at 07:46 AM, Serge Knystautas wrote:
Santiago Gala wrote:
I think a good equilibrium point between the marketing view of
security (making sysadms trust) and purist java technical view would
be to allow James not having to run as root under Unix (to handle
protected
Serge Knystautas escribió:
Santiago Gala wrote:
I think a good equilibrium point between the marketing view of
security (making sysadms trust) and purist java technical view would
be to allow James not having to run as root under Unix (to handle
protected ports like 25, 110, etc.) and then
Some random thoughts--aside from the personal defense against a
perceived attack which I'm not wanting to get involved with. :)
On Wednesday, July 2, 2003, at 12:53 AM, Steve Brewin wrote:
I did say I'm sure that everyone is in favour of hardening James as
much as
possible. Its just that we
* Ask Bjoern Hansen ([EMAIL PROTECTED]) wrote :
On Wed, 2 Jul 2003, James Duncan Davidson wrote:
By changing their id after they launch as root. setuid. Pretty common
thing to do. See man setuid.
With qmail it's even more separated. There's a small program that
opens the port and then