On Tue, Sep 17, 2002 at 02:03:49PM +0100, Lusercop said:
> I'm firmly supportive of the idea that someone who lets their box get
> r00ted is not competent to have root access themselves.

In a way I'm tempted to agree with but - having been r00ted myself (*cough*) as have quite a few other sysadmins I know. On the one hand you could claim that that makes me a net drain on the community. On the other hand I think that I and the other people on the server provide quite a lot which the community might otherwise miss out on. It's a tricky argument which I'm not entirely convinced by either way.

One thought of mine was to turn the concept of security on its head and instead assume that no system is secure (which is reasonable) and then work so that the effects of getting compromised are minimized - all your mail wiped out? The journaled file system retrieves it. Or the p2p backup system does. Somebody trying to DOS another machine? Limit that some way.

Of course you can combine the two but sometimes I think it might be better, at the moment, to concentrate research on being prescriptive rather than proactive.

or something. EStupidWithSleep.