I hate it when people "nanny" me about doing things that are possible but outside of the scope of normal usage, so I hesitate to warn you about this. But I still feel compelled to warn you that running Zope as root is not advisable; while there have been no known remote exploits of Zope that allow an intruder any form of filesystem access, obviously it's possible, so running as root is potentially quite dangerous. On Tue, 2004-07-27 at 11:37, Vangelis Mihalopoulos wrote:
Rodrigo Dias Arruda Senra wrote:
Hi, wouldn't be more wise just setuid (chmdo -s) some external method['s], doing inside it[them] you root 'necessities' ;o)?
thanks for your answer Rod,
nice thinking, but i am not sure it would work... external methods are called in the same thread serving the request... so, how would a suid affect anything? It could only be useful if i "executed" suid python scripts from an external method, and thus creating a new process... i have to test it to be sure.
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )