Ok, i understand the dangers of using root. I will bring this to the attention of the CTO of the company, which he should know already, but none the less. You must know though, I do not have the power to change the way things are done. If he says "ahhh, dont worry about it," then what am I to do? Personally, I use Ubuntu, which I really like, and I dont have to worry about the "su/root" issue....the companies encoders and decoders, now thats a whole other issue.
Now, enough scolding me :) Bo On Aug 30, 2014, at 8:09 PM, Danny Yoo <d...@hashcollision.org> wrote: >>>> One other thing: if you can avoid running commands as root, I'd >>>> strongly suggest doing so. Your second screenshot shows that you're >>>> running as root superuser, and the imaginary security demon that sits >>>> on my left shoulder is laughing uproariously as we speak. >>> >>> Haha Yes I am aware of people like you who are just itching to exploit >>> vulnerabilities like that; however, the programs my company uses to >>> broadcast will only run as root. >> >> >> That's a really bad design decision, and rarely necessary. It is often >> _easy_, but it leaves your systems at much greater risk. > > > I agree with Cameron. On a scale from 1 to 10, where 10 is "oh my god > this is bad", what you're doing by running such a program as root is > about an 8 or 9. But, then, I've always been an optimist. > > The fact that you're doing this in the context of a company, where > things actually _matter_, turns the situation from what I thought was > merely "dubious" into one that's closer to "criminal". Please, please > get an education from your local friendly Unix system administrator > about running as root superuser. _______________________________________________ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
