|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] unix cp function call (thanks)
|
> Um... just because you're not using system(3) doesn't mean that you
> can trust user input data. It's easy to say, "Oh, no one will try to
> exploit this now..." and have it all come crashing down five years
> out when someone else has taken your code and run with it. Do it
> right the first time, every time.
I'll try.
> Why does it have to run as root? There's no reason that any software
> should have to be run as root under Unix. Sure, if it's to be
> installed such that all the users can get at it, it's something
> that's *typically* run as root, but there's no very good reason for
> that. What if a user wants to install this under his home directory?
> Why build in artificial limits?
I figured that this would be good if I need to change files in /etc, which
I do.
Fred
______________________________________________________________________
Philadelphia Linux Users Group - http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion - http://lists.phillylinux.org/mail/listinfo/plug
|
|