Hi, Richard Lynch wrote: > I suspect that people who looked into doing this fall into two categories: > > Those who heeded the experts who told them "Don't do that" and didn't do > it. > > Thoee who ignored the experts, went ahead and did it, and cobbled together > enough band-aid security measures to be "Okay" with it, but not something > they want to publish what they did, because then it would be too easy to > attack them. > > Actually, there's probably a third category: Those who don't even really > own their own machines any more because they got root-ed. :-v >
I know you're trying to cheer me up, but this isn't helping! ;-) I have this theory that if what you're trying to protect is important enough, somebody will get through the security barriers eventually. That goes double for the internet. A good point that I've failed to bring up is the question "How secure do you need it to be?". I think that's an important consideration. Your three groups sound quite accurate, but my big problem is that when a program _has_ to do these things, I'm left in group #2, because I can't find any tried-and-tested methods. This is not usually the case with PHP, the community always seems to provide good solutions. I'm left in group #2 until I've become an expert in this myself, several unpaid years into the future... Webmin is a common tool, and if their security measures don't hold up, then we're in big trouble. I believe they're using PAM somehow, I'll look into that. Until then, it's a sudo scheme. Thanks again, Niels -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
