Re: (Possible) menu code rewrite
Yeah, I agree with you. If you want someone to have admin privileges, you
should be explicit about that. Don't make any assumptions about who should
be a valid administrator. For people like us, who own and administer our
own systems, that may be OK, but we know how to do it anyway. Making a simple
facility to add administrative access is one thing, doing it by default is
another, and in my opinion, not a good idea at all.
The Mac OS X idea is cute, but it actually has potentially damaging security
implications at a time when most system software developers are attempting
to tighten (not lessen) security. Though I'm not quite ready to have something
like the SE Linux approach the default (not yet anyway), I do think that
opening up overly easy system administration creates more problems than it
solves. I think requiring a would-be administrator to know how to create
admin access is the appropriate thing to do --- or go the SE Linux route.
Manfred Wassmann wrote:
On Wed, 17 Jul 2002, Mark Ferlatte wrote:
You know, Mac OS X actually handles this pretty well: the first user
account that's created is by default an "Admin" (which places them into
/etc/sudoers, and enables their UI sudo to work for them). Every
additional user that's created is by default not an Admin, but can
easily be made one.
It doesn't seem that bad of an idea to make the Debian installer just
make the user account that's created on install be an admin by default.
I don't like that. One more needlessly hardwired special UID. Why not
just having an admin sub menu (-structure) taking all entries that need
special privileges to run?