[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Excessive root usage in Debian

On Tue, Oct 12, 1999 at 06:59:19AM -0700, Robert Jones wrote:
> My I humbly suggest a group named 'maintenance' or 'config' or somesuch, in
> addition to subsystem group names?  Each subsystem-user would of course have
> ownership over its related control files, but they would be in the 'config'
> group.  The admin may then add whomever he wants to be able to alter system
> configurations and such to the 'config' group.

I don't understand why that would be more secure than giving them root
access. Even giving them access to /etc/vimrc would be a security loophole
if root ran vim. Many - maybe most - config files let you run an arbitrary 
program at some point.

David Starner - dstarner98@aasaa.ofe.org

Reply to: