[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Severe Security Problem Between Sites

Subject: Re: [cobalt-users] Severe Security Problem Between Sites
From: michael@xxxxxxxxxx
Date: Tue Mar 28 02:26:04 2000

Hi Liz,

> >1. Everybody has Telnet access to ALL sites!
>
> That's precisely why I don't give virtual sites Telnet access.  Security
> stinks on the RaQ3.  This isn't an OpenSource Linux problem, this is a
> Cobalt problem with not addressing this security issue.  

right, but easy to fix ? unfortunately it means to leave the UI 
administration.


> >2. Everybody has access to all sites via PHP!
>
> That's an interesting heads up!   Which version are you using, PHP3 or 
PHP4
> (beta)?

The preinstalled PHP3. Now I learned that all web-hosters who sell 
web-space and offer PHP3 do that via CGI ? so they go the slow way. Too 
bad. I'm still thinking about a patch of Apache or the PHP module.

> >4. MySQL root password is not set
>
> MySQL docs use to say you're suppose to set the mysqladmin password after
> you've finished installing it.  

Yes, the MySQL docs do ? that's why I did it. I installed MySQL on my 
personl Linux workstation before. But some RaQ users may run into that 
problem because MySQL compes preinstalled. The RaQ manual should at least 
warn for these things.

> >Who do you all deal with these problems? Or is all that no problem in
> >your way of using the Cobalt?
>
> Considering Cobalt freely waves that "you'll void your warrantee" warning
> flag over everyone's heads while not addressing the issues, and now is
> charging for support, I would suppose that's the reason why people had
> learned to work around the problems which exist on the RaQs.

Actually, this point (loss of warrantee) in conjunction with the problems 
mentioned before, leads me to the opinion not to use RaQ in future 
projects anymore. The RaQ seems to be useful only for very limited 
application domains.

> not concentrating their efforts on supporting their current product's
> software bugs?   It makes anyone wonder where this company is heading and
> what their long term goals are.  After looking at their recent stock's
> performance it's a wonder where this company will be in six to ten
> months.  http://finance.yahoo.com/q?s=COBT&d=3mm
> Nose dive?

Wow! I'm glad to have these: http://finance.yahoo.com/q?s=sunw&d=1ym ;-)

Bye
	Michael

Follow-Ups:
- Re: [cobalt-users] Severe Security Problem Between Sites
  - From: Robert G. Fisher

References:
- Re: [cobalt-users] Severe Security Problem Between Sites
  - From: Liz

Prev by Date: [cobalt-users] Stats Problem RAQ3
Next by Date: RE: [cobalt-users] Severe Security Problem Between Sites
Previous by thread: Re: [cobalt-users] Severe Security Problem Between Sites
Next by thread: Re: [cobalt-users] Severe Security Problem Between Sites

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index