[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Running Lambdamoo as root?

Manong Dibos wrote:
> (from Loft) Blackbriar thinks.  I dunno, I don't see that it hurts much.
> OpalMOO runs as root, but there's also nothing else on the machine to
> potentially be harmed.

Theoretically, it's safe to run it as root. In practice, if there is a
buffer overflow, a wizard could explit it to get a root shell or overwrite
/etc/passwd or something. So I'd like to run it as non-root.

> Personally, I like the solution of having all the moo's and muds run as
> user "moo".
> 
> I may be offbase, and Joey mentioned this might be hard to implement.  How
> hard is it?

It's just annoying to get it into the passwd file, and force everyone to
update their /etc/passwd (since this isn't done automatically yet). If we
already have some other user that's appropriate, I'd rather not go through
the hassle of adding a new one. After all, only a small percentage of debian
installs will include lambdamoo.

-- 
see shy jo


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .
Reply to: