On Fri, 16 May 1997, Philip Hazel wrote:
> On Fri, 16 May 1997, Jay Denebeim wrote:
>
> > IMO reducing the security on a bunch of directories is a much larger
> > security breach than running a trusted program. You should only exit root
> > when actually running external programs I think.
>
> Ooooohhhhh!!!! *That* will stir up some reactions on this list, I
> expect. It is quite contrary to what the "security experts" have been
> telling me (quite forcibly in some cases).
Well, I'm hardly a security expert, but allowing just any user to see the
files in my home directory isn't something *I'D* want.
> In this particular case, sometimes not even being root can help you. If
> the users' home directories are NFS mounted without root access, root
> cannot read them.
I think root can if the uid is set can't it?
Jay
* Jay Denebeim, Moderator, rec.arts.sf.tv.babylon5.moderated *
* newsgroup submission address: b5mod@??? *
* moderator contact address: b5mod-request@??? *
* personal contact address: denebeim@??? *
