| From: | Roberto Mello <rmello(at)cc(dot)usu(dot)edu> |
|---|---|
| To: | "Chad N(dot) Tindel" <chad(at)tindel(dot)net> |
| Cc: | "scott(dot)marlowe" <scott(dot)marlowe(at)ihs(dot)com>, pgsql-docs(at)postgresql(dot)org |
| Subject: | Re: Mysql -> Postgresql pitfalls |
| Date: | 2003-08-02 06:33:46 |
| Message-ID: | 20030802063346.GA24640@cc.usu.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs |
On Fri, Aug 01, 2003 at 04:51:11PM -0400, Chad N. Tindel wrote:
>
> <RANT>As a programmer, I personally would never write code that kept people from
> running things as root. I mean, what is the point? If an administrator
Hmmm?
The point is something called security.
> wants to run postgresql or apache as root, why shouldn't they be allowed
> to make that conscious decision for themselves? As it is, you have to recompile
Because administrators have too much to worry about. If an application
makes a conscious decision to allow itself to run in a knowingly insecure
manner, that application is doing the admin a disfavor, and should be
ditched.
> apache with some BIG_SECURITY_HOLE defined in order to run as root, which means
> you can't just use the out of the box apache rpm. Its so stupid to write
> *extra* code that keeps people from doing something that isn't even
> fundamentally incorrect.</RANT>
This has no logic. Security is fundamental. No security is fundamentally
incorrect.
-Roberto
--
+----| Roberto Mello - http://www.brasileiro.net/ |------+
+ Computer Science Graduate Student, Utah State University +
+ USU Free Software & GNU/Linux Club - http://fslc.usu.edu/ +
---------------/ NO INSPIRATION TODAY /-------------------
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Chad N. Tindel | 2003-08-02 17:04:10 | Re: Mysql -> Postgresql pitfalls |
| Previous Message | Tom Lane | 2003-08-02 02:49:01 | Re: Mysql -> Postgresql pitfalls |