On Tue, Aug 27, 2002 at 06:58:57PM +0100, Raphael Mankin wrote:
True it can be done, but you are just opening up your system to hackers. Not a good idea. ;-(
Mine is a ppp-networked, totally-firewalled system that sits in my bedroom. Open is not the word.
Aaargh! This destroys much of the point of user 'nobody'. 'Nobody' should have no privileges whatsoever.
No, it should have no blanket privileges. Allowing it to run a specified set of programs carries no hidden security risk at all.
The point of this exercise is to improve security, not to weaken it.
This comment is rather senseless until you show that I'm weakening security. Even then, it serves no useful purpose in a discussion.
How? 'sort -u' or 'grep -v' to detect duplicates will prevent the IP list growing too big.
You neglected to suggest the IPs be validated. If you allow random text to be written to your disk, you're gagging for a DoS.
Alexis