Re: Excessive root usage in Debian

To: debian-devel@lists.debian.org
Subject: Re: Excessive root usage in Debian
From: David Starner <dvdeug@x8b4e53cd.dhcp.okstate.edu>
Date: Tue, 12 Oct 1999 11:24:37 -0500
Message-id: <[🔎] 19991012112437.A30501@x8b4e53cd.dhcp.okstate.edu>
Reply-to: dstarner98@aasaa.ofe.org
In-reply-to: <[🔎] 19991012065919.H11675@teeny.molehill.org>
References: <[🔎] 87wvst8pv4.fsf@erwin.complete.org> <[🔎] 19991012065919.H11675@teeny.molehill.org>

On Tue, Oct 12, 1999 at 06:59:19AM -0700, Robert Jones wrote:
> My I humbly suggest a group named 'maintenance' or 'config' or somesuch, in
> addition to subsystem group names?  Each subsystem-user would of course have
> ownership over its related control files, but they would be in the 'config'
> group.  The admin may then add whomever he wants to be able to alter system
> configurations and such to the 'config' group.

I don't understand why that would be more secure than giving them root
access. Even giving them access to /etc/vimrc would be a security loophole
if root ran vim. Many - maybe most - config files let you run an arbitrary 
program at some point.

David Starner - dstarner98@aasaa.ofe.org

Reply to:

Follow-Ups:
- Re: Excessive root usage in Debian
  - From: Robert Jones <rjones-debian@devzero.org>
- Re: Excessive root usage in Debian
  - From: Bjoern Brill <brill@samson.math.uni-frankfurt.de>

References:
- Excessive root usage in Debian
  - From: John Goerzen <jgoerzen@complete.org>
- Re: Excessive root usage in Debian
  - From: Robert Jones <rjones-debian@devzero.org>

Prev by Date: Re: ENOENT (was Re: [PATCH] added --force-* options for conffile handling)
Next by Date: RE: Shrink-Wrapped Debian?
Previous by thread: Re: Excessive root usage in Debian
Next by thread: Re: Excessive root usage in Debian
Index(es):
- Date
- Thread