"I have become convinced that this “principle of least privilege” is fundamentally wrong. Minimizing privilege might reduce the damage done by some security holes but almost never fixes the holes. Minimizing privilege is not the same as minimizing the amount of trusted code, does not have the same benefits as minimizing the amount of trusted code, and does not move us any closer to a secure computer system."
I feel that fixing the security holes has little to do with reducing the damage done due to increased attack surface.
If you're a software developer who is not doing security research, and who is mainly interested in some functionality offered by a module, you'd be better off giving the module exactly the privileges it needs, not more and not less. If not, wouldn't OSes run all user-space programs in ring-0? (Maybe I am stretching it a bit.)
If Bernstein meant that this principle has been misquoted/abused/understood in all the wrong ways (like most of the "premature optimization" quotes), then perhaps it makes some sense. :)
There's no consensus that "reducing the damage done by some security holes" is a good thing? Bernstein mentions it as a distraction (which may be true), but it's better than doing nothing.
Nothing against Ruby specifically, though I guess I do have a prejudice (in terms of security) against interpreted languages in general compared to something written in C.
That's actually a good question. The lack of buffer overflow vulnerabilities does make interpreted languages safer to a point. Still, anything that listens on an open port shouldn't run as root; there are still plenty of vulnerabilities besides buffer overflows out there.
If you're running it on Linux, use iptables to redirect the port to something you can use without root: http://www.cyberciti.biz/faq/linux-port-redirection-with-ipt...
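
The port redirect suggested in the last comment, written out as an added example that is not part of the thread: it builds the two NAT rules needed so a service bound to an unprivileged port receives traffic sent to a privileged one. The ports 80 and 8080 and the function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Ports 80 -> 8080 are constructed
# sample values; is_port, redirect_rules, apply_redirect are hypothetical names.

# is_port N: succeeds only if N is a decimal integer in 1..65535.
is_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# redirect_rules FROM TO: print the iptables commands without running them.
# Returns 2 for a malformed port, 3 unless FROM is privileged (<1024)
# and TO is unprivileged (>=1024).
redirect_rules() {
    from=$1 to=$2
    is_port "$from" && is_port "$to" || return 2
    [ "$from" -lt 1024 ] && [ "$to" -ge 1024 ] || return 3
    # Connections arriving from other hosts traverse the nat PREROUTING chain.
    echo "iptables -t nat -A PREROUTING -p tcp --dport $from -j REDIRECT --to-ports $to"
    # Locally generated connections never hit PREROUTING; cover loopback in OUTPUT.
    echo "iptables -t nat -A OUTPUT -o lo -p tcp --dport $from -j REDIRECT --to-ports $to"
}

# apply_redirect FROM TO: install the rules. Root is needed once, here;
# the service itself then starts as an ordinary user on port TO.
apply_redirect() {
    rules=$(redirect_rules "$1" "$2") || return $?
    if [ "$(id -u)" -ne 0 ]; then
        echo "need root to change netfilter rules" >&2
        return 1
    fi
    echo "$rules" | while read -r rule; do
        $rule || exit 1   # word-splitting is intended: run the printed command
    done
}

# Dry run: show what would be installed for the sample ports.
redirect_rules 80 8080
```

The unprivileged port stays directly reachable and can be bound by any local user while the service is down, so start the service from the init system under a dedicated account.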