List-Managers: Re: Poll/Voting Facility (fwd)

List-Managers
(February 1998)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Poll/Voting Facility (fwd)
From:	Manar Hussain <manar @ ivision . co . uk>
Date:	Mon, 09 Feb 1998 21:08:05 +0000
To:	list-managers @ greatcircle . com
In-reply-to:	<m0y201P-000ielC@rosa.deliberate.com>
References:	<19980209025241.45047@fnord.guru.execpc.com>

>I feel safer running The Clerk (the underlying dataserver) as root
>because then only one password has access to the data files.

I haven't used your software so maybe I've got the wrong end of the stick -
but if anyone other than root can cause effect to a process (cause it to
run, effect data that it reads etc.) that you run as root then I'd consider
that a potential security rule.

On the whole - never run anything as root unless you absolutely have to -
create new users as required who can only do the things that need to be
done for that task.

Manar

References:

Re: Poll/Voting Facility (fwd)
From: Aaron Schrab <aaron+lm@schrab.com>
Re: Poll/Voting Facility (fwd)
From: marilyn@deliberate.com (Marilyn Davis)

Indexed By Date	Previous:	Re: Poll/Voting Facility (fwd) From: marilyn@deliberate.com (Marilyn Davis)
Indexed By Date	Next:	Re: Poll/Voting Facility (fwd) From: Aaron Schrab <aaron+lm@schrab.com>
Indexed By Thread	Previous:	Re: Poll/Voting Facility (fwd) From: marilyn@deliberate.com (Marilyn Davis)
Indexed By Thread	Next:	Re: Poll/Voting Facility (fwd) From: Aaron Schrab <aaron+lm@schrab.com>