Re: Debian Policy based on the wrong technical assumptions
Christoph Lameter wrote:
>Security issues can be addressed by authentication provided by the
From: Thomas Koenig <email@example.com>
> Yet another large and potentially buggy piece of software running on a
> system. Yet another chance to mess up configuration files in a
> security-relevant way. I don't think these two issues can be addressed
> by authentication provided by the webserver :-)
I guess it would help a whole lot to not run the web server with root
privilege, would it not? My one runs as "nobody". I suppose we could chroot
Bruce Perens K6BP firstname.lastname@example.org 510-215-3502
Finger email@example.com for PGP public key.
PGP fingerprint = 88 6A 15 D0 65 D4 A3 A6 1F 89 6A 76 95 24 87 B3
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
firstname.lastname@example.org . Trouble?
e-mail to email@example.com .