[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Loging in to mike

To: tass@listserv.wwa.com
Subject: Re: Loging in to mike
From: "Geoff O'Callaghan" <geoff@asri.org.au>
Date: Tue, 19 Oct 2004 14:28:45 +1000
In-reply-to: <Pine.BSO.4.53.0410181034210.11878@darkstar.alembic.com>
Organization: Australian Space Research Institute
References: <200410181734.31719.geoff@asri.org.au><1098102454.25499.61.camel@vesta><Pine.BSO.4.53.0410181034210.11878@darkstar.alembic.com>
Reply-to: geoff@asri.org.au
Sender: owner-tass@listserv.wwa.com
User-Agent: KMail/1.6.2

On Tue, 19 Oct 2004 04:13 am, Ron Wickersham wrote:
> hi All,
>
> the issue of publishing logins (including passwords) serves the purpose
> of giving wide access to the file.

yes true, but giving even a non-privileged account to an undesirable is one 
step closer to having to rebuild your system :-(

>
> wouldn't our goal of wide distribution be served by linking the directories
> to apache?  this way the (normally accceptable) security of apache to
> serve files makes the security issue go away.   after all, the worker
> user is not granted write privileges anyway.
>

Yes, that'd be the ideal.  I'm not sure of what the goal is here.  There are 
usually several ways of doing things :-)

-goc-

Follow-Ups:
- Re: Loging in to mike
  - From: droege@snapmail.us

References:
- Re: Loging in to mike
  - From: "Geoff O'Callaghan" <geoff@asri.org.au>
- Re: Loging in to mike
  - From: Doug Welch <welch@physics.mcmaster.ca>
- Re: Loging in to mike
  - From: Ron Wickersham <rjw@alembic.com>

Prev by Date: Re: Loging in to mike
Next by Date: Re: Loging in to mike
Prev by thread: Re: Loging in to mike
Next by thread: Re: Loging in to mike
Index(es):
- Date
- Thread