On Wed, Aug 15, 2001 at 02:50:26PM -0600, John Galt wrote: [ note; please don't Cc: me on list mails; I read the list. This request is pretty clearly laid out in my headers; I'm putting it here as well so you have less of an excuse to ignore it ]
[ jeopardy style quoting undone, reply after the quoted material ] > On Wed, 15 Aug 2001, Nathan E Norman wrote: > > >On Wed, Aug 15, 2001 at 08:25:07AM -0400, Hall Stevenson wrote: > >> > > > > I recently installed Netscape Communicator, > >> > > > > which works great, except that I can't run it > >> > > > > as root due to "security reasons". Does anyone > >> > > > > know how I can get around this? Below was written be Karsten M. Self > >> > > > > >> > > > Don't run it as root. > >> > Below wasn't > >> > hmmm, not the most useful answer I have ever seen, > >> > edit the file /etc/netscape4/config and either uncomment > >> > the line which says ALLOW_ROOT=yes or add it to > >> > the config file. > >> > But below was. Someone's MUA has NFC how to quote, or someone's playing games. > >> > Again: don't run it as root. > >> > >> Again, he asked *how* to do it. He didn't ask for people's > >> opinions on whether or not he should. It's his business if > >> he's runs it as root. It's his system. > > > >Ah, I see we will now look forward to posts from you condemning people > >who suggest "kernel-package" when asked "why didn't my kernel compile > >work; I used 'make bzlilo'", posts which point out that including "." > >in your PATH is a bad idea, posts which conclude telnet is a security > >risk ... > > > > Because Stevenson failed to attribute, I can't figure out who >> > > > is, commented above. > but that person wasn't being helpful. A one line answer is appropriate > sometimes, when that one line actually aids the person in question to do > what they asked. Otherwise, they're just wasting breath. However, I too > am getting tired of doctrinaire things like the . in $PATH, telnet > vulnerabilities and so forth being quoted as the Holy Gospel, and like the > Holy Gospel, supposed to be accepted on faith alone. I'm not expecting anyone to accept anything on faith alone ... I'm hoping people will accept information that has been gained via experience as valuable. If everyone has to experience disaster firsthand, then let's get rid of the internet since sharing information implies some bit of "faith". > Telnet is a security > hazard because everything goes over in the clear, making the session > snoopable and vulnerable to password sniffing programs like dsniff. If > you haven't seen firsthand how many passwords you can harvest on the > average network, you have no business slamming telnet (pop3 is > actually the biggest culprit: it tends to resend passwords on a periodic > basis). So you admit telnet is a security hazard, then resort to an ad hominem attack to defend it? For your information, I've been a network engineer for some 5 years now. I have seen how much information can be sniffed since as the engineer I was usually the guy with the sniffer. Anything that passes information in the clear (telnet, ftp, pop3, imap, snmp ...) is a security risk. I think I'm quite qualified to "slam" telnet, thank you. If you don't think "." in your PATH is a security risk, then you seem to know something that most UNIX people do not. To me, the most annoying thing about this thread is that if the original poster could READ he'd haver quickly found out how to run netscape as root, and wouldn't have had to trouble the list at all. -- Nathan Norman - Staff Engineer | A good plan today is better Micromuse Ltd. | than a perfect plan tomorrow. mailto:[EMAIL PROTECTED] | -- Patton
pgpXgJy9XgDw0.pgp
Description: PGP signature
