Justin Funke <[EMAIL PROTECTED]> said:

> Question 1 - 
> I am unable to change the permissions to user "nobody" without breaking
> some of the functionality. I have elected to go with user "www" for all
> these potential security risks and the "shared" group. Any comments?

Really need more info on what security risks you're opening.  My own 
personal experience is sometimes security is counterproductive.  If it is 
a production 'need' and the risk is acknowledged, signed off on and 
understood, implementing less security to get the job done 'may' be 
appropriate.  Judgement call.

As an example I've looked into some very secure Linux distros and 
although they are vastly secure, they are simply unusable in a standard 
small office.

Take e-smith's implementation of SSH.  If security was the 'only' concern 
they would force public/private key generation.  Since this is a royal 
pain to administer I thank them for enabling password security as their 
default.

-- 
Darrell May
DMC NETSOURCED.COM
http://netsourced.com


