Re: write protecting syslog

From: Tom Whiting (wolf@wolfstream.net)
Date: 02/25/02


On Mon, 2002-02-25 at 16:35, paolo greco wrote:
> From: "George Greer" <greerga@circlemud.org>
> > That's because when you run 'autorun' as root it rotates the logs. So
> > CircleMUD creates a new log owned by root.  Then since you're not root,
> you
> > can't write to it.
> > George Greer
> Maybe it would help to set a little check on userid...
> But what about chrooting circlemud?
> Has this been tried before?
>   Paolo Greco
Bah

As a system administrator myself, I've only got that to say.
First off, running ANYTHING non daemon related as root is a big old no
no. Even running daemons (as root) shouldn't be done.. that's stuff that
should be done @ startup Why? Well, do you WANT your system to be
hacked?? **cough**

Running applications as root is a big old pain. Muds can be just as
deadly as the next program when run the wrong way.
For example, if you run a mud as root, then ALL users of this mud have
world write permissions.. ICK!

Second reason why running your application as root, is, well, worse than
being hacked, you actually have to log root in to deal with the code, to
deal with the backups, and all of that. So, if you've got more than one
person doing your code, or administrating your system, well, that's a
big old fat no no.

Root is a SYSTEM administrator, not a personal user for running
applications (such as muds, blah blah blah). Running said applications
as root only leaves you vulnerable to attack, and quite possibly hostile
actions towards your server (it's happened before).

--
   +---------------------------------------------------------------+
   | FAQ: http://qsilver.queensu.ca/~fletchra/Circle/list-faq.html |
   | Archives: http://post.queensu.ca/listserv/wwwarch/circle.html |
   | Newbie List:  http://groups.yahoo.com/group/circle-newbies/   |
   +---------------------------------------------------------------+



This archive was generated by hypermail 2b30 : 06/25/03 PDT