[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Excessive root usage in Debian

Quoth David Starner on 12 Oct, 1999:

> I don't understand why that would be more secure than giving them root
> access. Even giving them access to /etc/vimrc would be a security loophole
> if root ran vim. Many - maybe most - config files let you run an arbitrary 
> program at some point.

Yes, but...

You, of course, would not want to let Joe Untrusted modify any system config
files.  It would simply be a more flexible solution:

1) Avoid the need to grant root/sudo privs to people who don't really need
   them.

2) Logically organize things a bit better.  A matter of elegeance and the
   Right Thing.

3) (The original point that brought up this thread) Allow such items as
    update-menus, and other related tools, to run as a user, rather than as
    root, for several reasons.

-- 
Robert C. Jones | rjones-at-devzero-dot-org | http://www.devzero.org
  Linux junkie  |   professional sysadmin   |     raving lunatic
        Please use PGP: http://www.devzero.org/public.asc
Reply to: