On 16-Aug-00, 02:11 (CDT), Joey Hess <[EMAIL PROTECTED]> wrote: > Belive it or not, I know how to safely manage temp files and protect > sensitive information with unix permissions.
I know you do, Joey, but my concern is that since the permission violation occurs in the backend, when the backend gets replaced by something else that the security by be inadvertently dropped. Would it make sense for the front-end(s) check the effective userid and refuse to run if it's not 0? Steve
