[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Excessive root usage in Debian

You are forgetting the case in which a program runs as root but may
have a bug that can cause damage even if not actively trying to be

Joey Hess <joey@kitenet.net> writes:

> There's very little point in auditing programs that run as root unless they
> a) Take input form some source a non-root user might control.
> or
> b) Can be started as root by a non-root user.
> AFIAK neither a or b is true of m4 or makemap or sendmailconfig, or
> update-menus for that matter (though you have a point aboutr resource limits).
> -- 
> see shy jo

John Goerzen   Linux, Unix consulting & programming   jgoerzen@complete.org |
Developer, Debian GNU/Linux (Free powerful OS upgrade)       www.debian.org |
The 1,117,818th digit of pi is 5.

Reply to: