[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Admin group?

On Tue, 19 Oct 1999, Pollywog wrote:

> On 19-Oct-99 Phil Brutsche wrote:
> > A long time ago, in a galaxy far, far way, someone said...
> > 
> >> Ultimately, I want to have 2 accounts for myself (1 being root,
> >> the other being a normal user.)  I also would like to create
> >> a few accounts for friends.  My normal user account will
> >> be added to the member of the "adm" group.
> >> 
> >> Questions:
> >> 
> >> 1) What is the best way to prevent other users (except for my
> >>    normal user) from running programs like dmesg?  I suppose
> >>    I could always chgrp the programs to "adm", and change 
> >>    permissions to -rwxr-x---.  Is this the recommended way?

dmesg is not suid root...so the users can get that information themselves
without dmesg, or compile their own copy of dmesg.  There isn't much point
in changing the permissions on dmesg.

It is only on binaries that are suid and provide some special priveledges
that this is useful.

Reply to: