[arch-general] [arch-dev-public] adding http user/group to filesystems

[Alessio Bolognino]

On Mon 2008-06-23 18:48, Arvid Ephraim Picciani wrote:
> On Monday 23 June 2008 16:59:30 Aaron Griffin wrote:
> > I agree with Simo and Jan here. While we could easily take the "do it
> > yourself" road, I always preferred the "sane defaults" side of Arch,
> > myself. That is - install some crap and it works out-of-the-box in a
> > pretty decent manner. It's a very small stretch from "sane defaults"
> > to "secure defaults". Unless you think sane != secure.
> 
> so this is the official announcment that the vanilla-style-do-it-yourself for 
> professional engineers and manual readers is no more, and that in future 
> there will be rather debian-style-out-of-the-box solutions for  those who 
> want it to "just work" ?
> I'm fine with that new way. I'm going to look for a different distro then 
> instead of having to unpatch more and more packages. I just would like to 
> have a clear signal finally. The back and forth between those different 
> styles is really painfull for somone who has to actually maintain a few 
> dozens of machines. 
> I guess you can run your systems easy and secure with the debian style, but 
> you have to have a different kind of personality then me. 
> thanks

I don't want to talk about the "philosophy" of the distro, but I'd like
to know what's the security issue in having a dedicated user/group for
web servers.

-- 
Alessio (molok) Bolognino

Please send personal email to themolok at gmail.com

Public Key http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xFE0270FB
GPG Key ID = 1024D / FE0270FB 2007-04-11
Key Fingerprint = 9AF8 9011 F271 450D 59CF  2D7D 96C9 8F2A FE02 70FB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://archlinux.org/pipermail/arch-general/attachments/20080623/4d8344cd/attachment.pgp>