httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Turner <>
Subject Re: [users@httpd] useradd
Date Mon, 20 Jan 2003 02:36:26 GMT
Zac Stevens wrote:

>On Sun, Jan 19, 2003 at 05:22:32PM -0800, J. Greenlees wrote:
>> only danger is in unauthorised root access, either by hacker or a legit 
>> user getting root access by error.
>> the more difficult getting the command to run ( like having to type 
>> entire path ) the less damage can be done accidently.
>I see your point - but respectfully submit that if you're relying on the
>default setting of PATH for security, you already have very serious

My point, though not well made, is that user and admin functions should
be kept separate, and that putting system pathways in user-land blurs
the concept.  You might call it a stretch, but once the line is crossed
in one area, people are more likely to cross again.  What-the-hey, su
and sudo are PITAs, let's change permissions on just this one...
 If someone tells you---
 "I have a sense of humor, but that's not funny." 
                                  ---they don't.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message