Re: OT: Linux Interview Questions
Daniel Graham Palmer <me@danielpalmer.co.uk>:
> On Thursday 15 March 2007 14:28, you wrote:
> > If a server is a machine, then you can do so, but you probably don't want
> > to since it consumes system resources for tasks that are not core to the
> > server.
>
> How so? If it's not being put to useful work the process sleeps,
> and [its] memory is swapped out if it's needed for something
> else... this is the whole point of an operating system.
This stuff was born in an earlier age when trust could almost be
expected. telnet and ftp and remote shell sent passwords in the
clear. finger was allowed to tell anyone who asked whatever you
wanted to tell them. portmap and ident, ditto.
Much of this has since been locked down, or is simply obsolete and no
longer used. X Window now has -nolisten tcp, but could there still be
holes that might be exploited? Do you want to play that game, or
might it be simpler to just disable it if it isn't absolutely
necessary? X is not necessary for a server machine. It's a
convenience, and it _might_ cause problems.
Server admins have to be conservative, and be suspicious. A
compromised server can be used as a powerful weapon these days. We
owe it to others not to let that happen.
--
Any technology distinguishable from magic is insufficiently advanced.
(*) http://www.spots.ab.ca/~keeling Linux Counter #80292
- - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me.
Spammers! http://www.spots.ab.ca/~keeling/emails.html
Reply to: