> Hmmm?
>
> The point is something called security.
There is no such thing as a "proper amount of security that is correct for
all operating environments".
> > apache with some BIG_SECURITY_HOLE defined in order to run as root, which means
> > you can't just use the out of the box apache rpm. Its so stupid to write
> > *extra* code that keeps people from doing something that isn't even
> > fundamentally incorrect.</RANT>
>
> This has no logic. Security is fundamental. No security is fundamentally
> incorrect.
Well, you could make a box very secure by unplugging all the LAN cables from
it and putting it in a giant safe deposit box. However, I would say that such
a machine would be fundamentally incorrect for most operating environments.
Do you worry about whether or not someone snuck into your house at night and
installed some sort of keyboard logging device onto your PC so that they can
get your root password? Is that a "fundamental" part of your personal
security? Probably not, because *that* would be illogical for most people to
worry about.
Many people run their machines with "+ +" in root's .rhosts file because it
eases the task of doing administration. They work in a company where the box is
behind a firewall on some public network and they need there computers to
get real work done.... they don't want things like "security" to get in the
way because nobody is trying to hack those machines.
Chad
