On Thu, 22 Jan 2009 14:01:26 -0500, Adam Tauno Williams wrote:
> You scan the server for malware.
You run a useless process widening your attack surface.
Hint: "Security is a trade-off" -- Schneier.
Don't trade actual security for cargo cult systems administration.
> There is nothing special about LINUX here. The whole "don't run
> services as root" business is just so much noise. It isn't about
> protecting the *server* it is about protecting the *data* which is
> accesses [hopefully] by services which are *not* root. It is about the
> data and the clients that connect to the server.
There is something special about Linux, it's called RPM. We don't run
arbitrary binaries. We don't let strange .exe put files wherever they
please. Bonus: rpmverify, free of charge.
That doesn't mean that there aren't vulnerabilities or malware. It means
that *viruses* are not a problem.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
