l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
April 21: Google Glass
Next Installfest:
TBD
Latest News:
Mar. 18: Google Glass at LUGOD's April meeting
Page last updated:
2003 Nov 22 16:33

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] User with root privileges
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] User with root privileges



On Fri 21 Nov 03,  9:15 AM, David Margolis <margolid@ecs.csus.edu> said:
> On Thu, 20 Nov 2003, Peter Jay Salzman wrote:
> 
> > >
> > >    On my SuSE box, I can make any user a member of the group "root" and they
> > >    will have full privileges.
> >
> > that's not quite accurate.  UID != GID.
> >
> > pete
> 
> 
> Yeah, but that's still not a bad idea.  If files owned by root are also
> owned by the group root, then adding joeuser to the group root would have
> largely the desired effect (without messing with sudo or the root user
> itself).
 
i agree with you.  it's not a bad idea.  it's a TERRIBLE idea.

first, it'll only "work" the way you claim it will if umask is set up in
a very special way.  the "u" and "g" permissions are not the same thing.
there are lots of files owned by root that should NOT be in the root
group.   and if you don't believe me, look in your /dev and /var
directories.  it's asking for trouble.


but never mind that.  let's talk about something else.

so we have a guy who presumably owns a solaris box.  he wants to install
something.  i forget what it was.  oracle?  anyway.  he wants to do it
from an account named "joeschmo", rather than "root".

do you really not see anything wrong with that?

the only person who should be doing that is a hacker.

cracker.

darn.  whatever.   ;)

pete

ps- i will state again: the thing that you said is not a bad idea is
STILL not accurate.  UID != GID.  you say it will "largely have the
desired effect".

i don't know about you, but when i'm administrating my system, i want to
have THE desired effect.  not largely the desired effect!

-- 
"Nobody steals our chicks.  And lives." -- Duke Nukem (played on Linux)
GPG Instructions: http://www.dirac.org/linux/gpg
GPG Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!