> 
> [ speaking for myself here, not my employer and so on ... ]
> 
> On Fri, 9 Jun 2000, JF Martinez wrote:
> 
> > > I disagree about no "MTA worth his salt," and sendmail certainly DOES 
> > > deliver mail to root.
> > > 
> > > You can always create an alias yourself.
> > > 
> > 
> > I know it but there will be people who don't know about it, forget
> > it or perhaps one day a person at RedHat makes a mistake and my alias
> > file is overwritten with a vanilla one where root is not aliased.
> 
> Ignorance is no excuse. The aliases file is tagged as %config(noreplace) 
> and you will at least be warned what has happened if you upgrade to a
> package where this is not the case.
> 

This applies if upgrading individually.  If I upgrade my entire
distribution the warning will be lost somewhere in the install.log.
Yes _I_ check but can you ensure all RedHat's customers check?

You are also missing an important aspect: Linux is affordable by small
organizations.  When a system can be afforded only by organizations
having 2000+ employees that means that the organization can afford to
have an employee who spends the whole day reading HOWTOs and manpages.
Now in a five person organization the system administrator has to do a
thing called _real_ work and that means that he cannot spend days
reading HOWTOs so he will not know about the problem in the first
place.  Linux in small organizations means the software must get the
things right out of the box be it for security or whatever instead of
giving the users all the rope they need to hang themselves and rely on
them being omniscient.

Now as I said everything you do as root is a potential security risk
so the less you do as root the better (look at MS/DOS for a system
where the user does normal work as root).  And mail (ie data sent by
strangers) can be a potential vehicle for attacks so as you don't want
to be at the mercy of a flakey MUA you should alias root.  But the guy
who works in a small organization could be the target of an attack the
day before reaching the page of the book where he is told how to alias
root and why he should do it.  That is why the MTA should not accept
to deliver to root: root has no business reading mail.

Ah! if I remember well Outlook was not inherently unsecure according to
MS: it only allowed people to hang themselves.

-- 
                        Jean Francois Martinez

Project Independence: Linux for the Masses
http://www.independence.seul.org
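
The check discussed in this thread (is root's mail redirected, or does a vanilla aliases file leave it in root's own mailbox?) can be automated after an upgrade. The following is an added example, not part of the original message or of any distribution's tooling; the function names and sample alias texts are constructed for illustration, and it assumes the sendmail-style aliases format (`name: target, target`, `#` comments, continuation lines starting with whitespace).

```python
# Added example. SAMPLE_* inputs are constructed, not taken from a real host.

def parse_aliases(text):
    """Parse sendmail-style aliases text into {name: [targets]}."""
    aliases, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                              # blank line or comment
        if raw[0] in " \t" and current:
            body = raw                            # continuation of previous alias
        else:
            name, sep, body = raw.partition(":")
            if not sep:
                continue                          # not an alias definition
            current = name.strip().lower()
            aliases[current] = []
        aliases[current] += [t.strip() for t in body.split(",") if t.strip()]
    return aliases

def final_targets(aliases, name="root", path=()):
    """Follow alias chains and return the set of final destinations."""
    key = name.lower()
    if key in path or key not in aliases:
        return {key}                              # local mailbox (or self-reference)
    out = set()
    for t in aliases[key]:
        if t.startswith("\\"):
            out.add(t[1:].lower())                # backslash: no further aliasing
        elif t[0] in "/|:" or "@" in t:
            out.add(t)                            # file, pipe, :include:, remote address
        else:
            out |= final_targets(aliases, t, path + (key,))
    return out

def root_mail_lands_in_root_mailbox(text):
    """True when mail for root is still delivered to root's own mailbox."""
    return "root" in final_targets(parse_aliases(text))

SAMPLE_VANILLA = "# stock file\npostmaster: root\nmailer-daemon: postmaster\n"
SAMPLE_ALIASED = "postmaster: root\nroot: admin,\n\tops@example.org\nadmin: alice\n"
SAMPLE_SELFREF = "root: root, alice\n"

if __name__ == "__main__":
    for label, text in [("vanilla", SAMPLE_VANILLA), ("aliased", SAMPLE_ALIASED),
                        ("self-reference", SAMPLE_SELFREF)]:
        print(label, root_mail_lands_in_root_mailbox(text),
              sorted(final_targets(parse_aliases(text))))
```

Run against the contents of the live aliases file after a distribution upgrade, a `True` result flags the case where a replaced file has silently dropped the root alias.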
