Re: Debian Policy based on the wrong technical assumptions
Christoph Lameter wrote:
>Security issues can be addressed by authentication provided by the
From: Thomas Koenig <firstname.lastname@example.org>
> Yet another large and potentially buggy piece of software running on a
> system. Yet another chance to mess up configuration files in a
> security-relevant way. I don't think these two issues can be addressed
> by authentication provided by the webserver :-)
I guess it would help a whole lot to not run the web server with root
privilege, would it not? My one runs as "nobody". I suppose we could chroot
Bruce Perens K6BP email@example.com 510-215-3502
Finger firstname.lastname@example.org for PGP public key.
PGP fingerprint = 88 6A 15 D0 65 D4 A3 A6 1F 89 6A 76 95 24 87 B3
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
email@example.com . Trouble?
e-mail to firstname.lastname@example.org .