Re: Excessive root usage in Debian
You are forgetting the case in which a program runs as root but may
have a bug that can cause damage even if not actively trying to be
exploited.
Joey Hess <joey@kitenet.net> writes:
> There's very little point in auditing programs that run as root unless they
>
> a) Take input form some source a non-root user might control.
> or
> b) Can be started as root by a non-root user.
>
> AFIAK neither a or b is true of m4 or makemap or sendmailconfig, or
> update-menus for that matter (though you have a point aboutr resource limits).
>
> --
> see shy jo
>
--
John Goerzen Linux, Unix consulting & programming jgoerzen@complete.org |
Developer, Debian GNU/Linux (Free powerful OS upgrade) www.debian.org |
----------------------------------------------------------------------------+
The 1,117,818th digit of pi is 5.
Reply to: