[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: default MTA for sarge

On Tue, Jul 15, 2003 at 01:11:12AM +0200, Sebastian Kapfer wrote:
> Do people use their web server for regular work? I have a server in mind
> which does nothing but serving HTTP. (Uploading data via FTP doesn't
> count.) What tasks would you perform on such an installation without being
> root? The situation is different for a desktop box of course, where root
> logins are a big no-no.

First of all, I dont know about you, but on my WEb Servers more than one
person is doing work. Each group has their own work dir. You can do every
day maintenance totally as non root. Only restarting and modyfying the
config is done by root, but actually it does not need to be.

The least priveledge principle is especially important for internet servers.
It is all about hardening.

Gruss
Bernd
-- 
  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
Reply to: