[Tutor] Interacting with stderr
Danny Yoo
dyoo at hashcollision.org
Sun Aug 31 02:09:24 CEST 2014
>>> One other thing: if you can avoid running commands as root, I'd
>>> strongly suggest doing so. Your second screenshot shows that you're
>>> running as root superuser, and the imaginary security demon that sits
>>> on my left shoulder is laughing uproariously as we speak.
>>
>> Haha Yes I am aware of people like you who are just itching to exploit
>> vulnerabilities like that; however, the programs my company uses to
>> broadcast will only run as root.
>
>
> That's a really bad design decision, and rarely necessary. It is often
> _easy_, but it leaves your systems at much greater risk.
I agree with Cameron. On a scale from 1 to 10, where 10 is "oh my god
this is bad", what you're doing by running such a program as root is
about an 8 or 9. But, then, I've always been an optimist.
The fact that you're doing this in the context of a company, where
things actually _matter_, turns the situation from what I thought was
merely "dubious" into one that's closer to "criminal". Please, please
get an education from your local friendly Unix system administrator
about running as root superuser.
More information about the Tutor
mailing list