Apache and suexec issue that wont let me run my python script

[Chris Angelico]

On Wed, Jun 5, 2013 at 6:53 PM, Νικόλαος Κούρας <nikos.gr33k at gmail.com> wrote:
> So, iam to blame this for trusting you?

Your clients trust you to not compromise their security. You
compromised their security by giving the root password to a stranger.

> YOU COULD HAVE ACTUALLY TRIED TO SEE WHATS WRONG WITH 'FILES.PY' INSTEAD OF CREATING TEXT FIELS AND COPIED THEM ALL OVER THE CLIENTS HOME DIRECTORY FOLDERS AND MAIL THEM TOO.
>
> IF YOU DIDNT WANTED TO DO THAT THEN YOU COULD AHVE SAID TO ME, NIKOS I DONT FEEL LIKE LOGGING TO YOUR SYSTEM BECAUSE I DONT REALLY WANTED TO HELP YOU OUT.

When did I ever give the impression that I wanted to help? When did I
ever actually ask you for that power? No, you kept trying to thrust it
on us as part of your demands for assistance.

> I ALSO HAVE GIVEN ROOT ACCESS TO ANOTHER MEMBER OF THIS LIST AND HE IN FACT TRIED TO HELP ME INSTEAD OF DOING WHAT YOU DID. AND FROM 2 OTHER PEOPLE AS SOME OTHER FORUMS TOO.

So... your root account has fairly public access. Did you notify your
clients that half a dozen random people have full access to their
server? Can you prove to them that their private data is, indeed,
private?

> I WONT TALK TO YOU AGAIN. YOU MADE A FALSE PROMISE OF HELPING ME AND THEN SCREWED ME.

What promise? I never promised to help. Go read my posts... I would
have said "reread" except that you never read them in the first place.

Just be aware, I didn't actually hurt you in any way. I changed your
root password to protect it, but you still have access. The only harm
that could come from this is that your clients are now aware of the
risks they are taking by remaining with you. I'm stripping away the
veil and exposing the truth. Nothing more.

And now, we're very much off-topic for python-list, but I think it's a
good thing for other potential server-maintainers to be aware of.
Trust is a very precious thing.

ChrisA