Re: Excessive root usage in Debian
On Tue, Oct 12, 1999 at 06:59:19AM -0700, Robert Jones wrote:
> My I humbly suggest a group named 'maintenance' or 'config' or somesuch, in
> addition to subsystem group names? Each subsystem-user would of course have
> ownership over its related control files, but they would be in the 'config'
> group. The admin may then add whomever he wants to be able to alter system
> configurations and such to the 'config' group.
I don't understand why that would be more secure than giving them root
access. Even giving them access to /etc/vimrc would be a security loophole
if root ran vim. Many - maybe most - config files let you run an arbitrary
program at some point.
David Starner - email@example.com