Tony Meyer wrote:
It's a fundamental principle of Linux security that processes run
with the
minimum privilege level necessary to do their job, hence my earlier
question whether it needed to be root.
Another Linux fundamental is that the user has control over what
happens. I believe the
[Richard Heck]
the suggestion was that sb_server.py should handle these things
itself (as most system daemons do), that is, lower its own
privileges if it discovers that it is running as root
I'm -1 on this, personally. IMO it's up to whoever runs sb_server.py
(or any of the other
Tony Meyer wrote:
[Richard Heck]
the suggestion was that sb_server.py should handle these things
itself (as most system daemons do), that is, lower its own
privileges if it discovers that it is running as root
I'm -1 on this, personally. IMO it's up to whoever runs sb_server.py
(or
No one who knew what they were doing would want to run it as root.
It's not my business to assume that I know better than they. If they
have the ability to run something as root, then they should be able
to do so. People who don't know what they are doing shouldn't use
root at all.
In response to some questions raised on another list, I've been fiddling
with the initscript provided on the website for sb_server.py. (I'm doing
so under Fedora.) Two questions have arisen.
(1) Is there any reason that sb_server.py needs to run as root? If not,
then it would be very good to run