[ale] Linux Distributions

Michael B. Trausch fd0man at gmail.com
Tue May 17 21:09:21 EDT 2005


George Carless wrote:
> 
> No; it's exactly the other way around.  There will always be 
> poorly-written applications - and even the best-written applications 
> will always have bugs, particularly in an environment where code reuse 
> is considered a Good Thing and where many "well-written", to-be-trusted 
> applications can make use of libraries which have problems.  I would 
> doubt that there is such a thing as a bug-free program of any 
> complexity.  So it becomes a matter of mitigating the potential for 
> damage.  
> 

The other problem is that you cannot trust users, and sometimes you
can't trust yourself.  If your user has access to things, that's fine,
but if your user has root privilege because you're running as root, and
you *need* root privilege that often that it is worth it to you to throw
security out the window, you've designed the build of your system and
it's customizations horribly wrong.  I wouldn't want anyone with that
school of thought to be anywhere close to the boxes that I manage myself
for others, because that's just asking for yet another security risk
that is unnecessary.  Really.

Unles you are perfect, root isn't something that you should be running
as on a regular basis.  And if you're perfect, then you've no need to be
in any LUG, or any user group at all.

	- Mike

-- 
Michael B. Trausch                               <fd0man at gmail.com>
Website: http://fd0man.chadeux.net/     Jabber: mtrausch at jabber.com
Phone: +1-(678)-522-7934              FAX (US Only): 1-866-806-4647
===================================================================
Do you have PGP or GPG?  Key at pgp.mit.edu, Please Encrypt E-Mail!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature




More information about the Ale mailing list