Date: Wed, 3 Jan 2001 00:23:58 -0600 (CST) From: "Jeffrey D. LaCoursiere" <jeff@jeff.net> To: Chris Shenton <cshenton@OutBounderInc.com> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: FW: Prepaid Internet Service (fwd) Message-ID: <Pine.BSF.4.21.0101030020440.2879-100000@jeffdev.billmax.com> In-Reply-To: <lfelyl1qmi.fsf@Samizdat.uucom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Agreed, and it is "on the list", just not high priority. Most installations are happy with the security measures and are more worried about their employees making off with parts than customer information... We discuss the security measures suggested in our on-line documentation: http://www.billmax.com/doc/docs/I.H.html Thanks, Jeff LaCoursiere BillMax ISP Billing Solutions The iSpark Group, Inc. On 2 Jan 2001, Chris Shenton wrote: > On Tue, 2 Jan 2001 15:59:09 -0600 (CST), "Jeffrey D. LaCoursiere" <jeff@jeff.net> said: > > Jeffrey> It is true that most of the BillMax processes run as root. > Jeffrey> This is only a security issue if the machine is accessible to > Jeffrey> the outside world, which generally it is not. [...] > > I'll be doing some work for an ISP which just purchased BillMax. I'm > a bit of a paranoid so running as root may bother me more than most -- > even if you've tried to close all the doors you can think of. > > I prefer the "principal of least privilege". While I'm not intimate > with BillMax yet, I have done lots of work with apache, php, perl, > mysql, radius, etc. I can't see that anything in BillMax would require > running as root, since none of the components does. If not, I'd > certainly prefer it to run as some non-root user, maybe even something > like user "billmax". > > Thanks. > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0101030020440.2879-100000>