In article <87593.990543718@ma-1.rootsweb.com>, Charlie Summers <charlie@lofcom.com> writes:
At 9:51 AM -0400 5/22/01, Tim Pierce is rumored to have typed:
Among other reasons, because giving shell access to relative randoms a recipe for disaster. You might as well hand out the root password while you're at it.
It's hardly the same thing, and you certainly know it; you're throwing up a smoke screen.
It's almost exactly the same thing.
If you lease virtual domains, the user should have FTP and shell/SSH access - that's what they're paying you for.
We do virtual domains and give the users FTP access. We do mailing lists and let the users administer lists via the Web. We don't provide shell access for anyone under any circumstances. They don't pay us for that and we don't offer it.
To equate being a user on a machine to running root is asinine, unless of course the root user doesn't have the ability to set up his machine correctly.
A knowledgable cracker who can get shell access on a machine can typically get to root inside of about ten minutes. It is *extremely* difficult to secure a general-use box against every possible attack, especially with the rate at which new exploits get discovered. I know I am not capable of it, and I strongly doubt that you are either.