[Zope] Suggestions for improving http://www.zope.org/Members/mcdonc/HowTos/zopeinstall/ZOPE-INSTALL-HOWTO
Toby Dickenson
tdickenson@geminidataloggers.com
Tue, 19 Mar 2002 12:21:59 +0000
On Mon, 18 Mar 2002 20:02:41 +0100, "Lennart Regebro"
<lennart@torped.se> wrote:
>It's no security problem as I understand it. You start it as root, but
>with -u <username>, and it will run as username, and you have username =
as
>owner on all the files.
Thats not universally true
In our configuration the z2.py script is routinely updated from a cvs
repository that many people have write access to. It definitely is a
security risk for me to run z2.py as root.
Of course, other configurations are different.
Toby Dickenson
tdickenson@geminidataloggers.com