Date: 02 Jan 2001 18:27:49 -0500 From: Chris Shenton <cshenton@OutBounderInc.com> To: "Jeffrey D. LaCoursiere" <jeff@jeff.net> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: FW: Prepaid Internet Service (fwd) Message-ID: <lfelyl1qmi.fsf@Samizdat.uucom.com> In-Reply-To: "Jeffrey D. LaCoursiere"'s message of "Tue, 2 Jan 2001 15:59:09 -0600 (CST)" References: <Pine.BSF.4.21.0101021553020.2323-100000@jeffdev.billmax.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2 Jan 2001 15:59:09 -0600 (CST), "Jeffrey D. LaCoursiere" <jeff@jeff.net> said: Jeffrey> It is true that most of the BillMax processes run as root. Jeffrey> This is only a security issue if the machine is accessible to Jeffrey> the outside world, which generally it is not. [...] I'll be doing some work for an ISP which just purchased BillMax. I'm a bit of a paranoid so running as root may bother me more than most -- even if you've tried to close all the doors you can think of. I prefer the "principal of least privilege". While I'm not intimate with BillMax yet, I have done lots of work with apache, php, perl, mysql, radius, etc. I can't see that anything in BillMax would require running as root, since none of the components does. If not, I'd certainly prefer it to run as some non-root user, maybe even something like user "billmax". Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?lfelyl1qmi.fsf>