From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-14) on finch.gentoo.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=DMARC_MISSING, MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=unavailable autolearn_force=no version=4.0.0 Received: from mailout02.sul.t-online.com (mailout02.sul.t-online.com [194.25.134.17]) by chiba.3jane.net (Postfix) with ESMTP id E0F4820ED312 for ; Sun, 10 Mar 2002 08:26:06 -0600 (CST) Received: from fwd06.sul.t-online.de by mailout02.sul.t-online.com with smtp id 16k4Dq-0004EA-02; Sun, 10 Mar 2002 15:22:50 +0100 Received: from portal.mydomain (520069246894-0001@[217.224.146.89]) by fmrl06.sul.t-online.com with smtp id 16k4Dd-1FSI7MC; Sun, 10 Mar 2002 15:22:37 +0100 Received: (qmail 5544 invoked from network); 10 Mar 2002 14:22:00 -0000 Received: from unknown (HELO mouse.mydomain) (192.168.1.12) by portal.mydomain with SMTP; 10 Mar 2002 14:22:00 -0000 Received: (qmail 2431 invoked by uid 1000); 10 Mar 2002 14:22:33 -0000 Date: Sun, 10 Mar 2002 15:22:33 +0100 From: Gert Menke To: gentoo-dev@gentoo.org Subject: Re: [gentoo-dev] Gentoo observations Message-ID: <20020310142233.GB2332@mouse.mydomain> References: <20020310031135.GA29666@powerhouse> <20020310093910.GA969@mouse.mydomain> <20020310134329.GA862@powerhouse> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020310134329.GA862@powerhouse> User-Agent: Mutt/1.3.24i X-Sender: 520069246894-0001@t-dialin.net Sender: gentoo-dev-admin@gentoo.org Errors-To: gentoo-dev-admin@gentoo.org X-BeenThere: gentoo-dev@gentoo.org X-Mailman-Version: 2.0.6 Precedence: bulk Reply-To: gentoo-dev@gentoo.org List-Help: List-Post: List-Subscribe: , List-Id: Gentoo Linux developer list List-Unsubscribe: , List-Archive: X-Archives-Salt: ee615c6f-fb4d-45e1-a854-94f8dd8df563 X-Archives-Hash: 7aa8cee00b826e6b610d1ddb1f3cfee5 Hi, On Sun, Mar 10, 2002 at 07:43:29AM -0600, mrfab@arn.net wrote: > I'd hesitate to go for root:www because there is always that possibility > that php or mod_perl or just developer error in a script could allow a > web user to overwrite a file--and with root permissions that could be a > disaster. Oh, I'm sorry. I was talking about the files when I said root:www. My httpd runs as nobody:www. Or are you talking about files with the SUID bit set? Greetings Gert