Re: Excessive root usage in Debian
Quoth David Starner on 12 Oct, 1999:
> I don't understand why that would be more secure than giving them root
> access. Even giving them access to /etc/vimrc would be a security loophole
> if root ran vim. Many - maybe most - config files let you run an arbitrary
> program at some point.
Yes, but...
You, of course, would not want to let Joe Untrusted modify any system config
files. It would simply be a more flexible solution:
1) Avoid the need to grant root/sudo privs to people who don't really need
them.
2) Logically organize things a bit better. A matter of elegeance and the
Right Thing.
3) (The original point that brought up this thread) Allow such items as
update-menus, and other related tools, to run as a user, rather than as
root, for several reasons.
--
Robert C. Jones | rjones-at-devzero-dot-org | http://www.devzero.org
Linux junkie | professional sysadmin | raving lunatic
Please use PGP: http://www.devzero.org/public.asc
Reply to: