Subject: Re: changing default user from bin:bin to root:wheel
To: Bruce Barnett <firstname.lastname@example.org>
From: Curt Sampson <email@example.com>
Date: 02/20/1998 10:19:47
On Thu, 19 Feb 1998, Bruce Barnett wrote:
> The real danger, as I see it, is in getting the proper group
> permissions. This in itself is not a problem. The problem is that if
> there ARE sufficient group privileges, someone might gain access to
> that group through setgid executables, or NFS file systems where the
> group is not wheel. In other words, a combination of small errors can
> compromise a system.
Perfectly correct. A general principle of security is that if you
can set things up to avoid opportunities for small errors, you
Curt Sampson firstname.lastname@example.org Info at http://www.portal.ca/
Internet Portal Services, Inc. Through infinite mist, software reverberates
Vancouver, BC (604) 257-9400 In code possess'd of invisible folly.