[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Excessive root usage in Debian

On Tue, Oct 12, 1999 at 08:57:11PM +0200, Marco d'Itri wrote:
> On Oct 12, John Goerzen <jgoerzen@complete.org> wrote:
> 
>  >Along the same lines, we ought to have special accounts for
>  >subsystems.  We already have some of this.  There's www-data, daemon,
> Agreed. We have many daemons which run as root even if they don't really
> need that. I think this should be policy ("daemons should run as root
> only if really needed").

I have several thoughts:
1) It should be done.
2) It will be hard (time consuming, proving minimal sets of abilities) to
do.
3) It should be done as part of an overall modularization of dpkg and the
debian tools' security.  Ideally, when linux gets full blown ACL's,
capabilities, and security levels (hey, we could be B2 then, with a
network! Smoke that Mr. Gates), we just enable the feature.  All the
ground work would be laid already.

Then there are other OS's; Does Hurd have a more complete security model?

Ciao!

-- 
Any programming language is at its best before it is implemented and used.
                            
The Doctor What: Guru to the Gods                http://docwhat.gerf.org/
docwhat@gerf.org                    (finger docwhat@gerf.org for PGP key)
KF6VNC
Reply to: