On Fri, Aug 01, 2003 at 04:51:11PM -0400, Chad N. Tindel wrote:
>
> <RANT>As a programmer, I personally would never write code that kept people from
> running things as root. I mean, what is the point? If an administrator
Hmmm?
The point is something called security.
> wants to run postgresql or apache as root, why shouldn't they be allowed
> to make that conscious decision for themselves? As it is, you have to recompile
Because administrators have too much to worry about. If an application
makes a conscious decision to allow itself to run in a knowingly insecure
manner, that application is doing the admin a disfavor, and should be
ditched.
> apache with some BIG_SECURITY_HOLE defined in order to run as root, which means
> you can't just use the out of the box apache rpm. Its so stupid to write
> *extra* code that keeps people from doing something that isn't even
> fundamentally incorrect.</RANT>
This has no logic. Security is fundamental. No security is fundamentally
incorrect.
-Roberto
--
+----| Roberto Mello - http://www.brasileiro.net/ |------+
+ Computer Science Graduate Student, Utah State University +
+ USU Free Software & GNU/Linux Club - http://fslc.usu.edu/ +
---------------/ NO INSPIRATION TODAY /-------------------