Re: allowing a "normal" user to work efficiently
HI B,
On Tue, 21 Oct 2003, Benedict Verheyen wrote:
> Hi,
>
> i'm wondering what the best method is of allowing a normal user account to
> do stuff like writing cd's, accessing local webpages (/var/www) and so on.
> There are a couple of methods like:
>
> 1. Making a group, put the user in that group and set that group as owner
> of say /var/www or another dir where you want to user to have access too.
APACHE has an option to have ~/public_html/ be a user's web directory and
is accessed by http://my.site/~user
>
> 2. In case of cd writing, you can set the SUID of cdrecord and related
> programs or you can use sudo. Only problem with sudo is that the user has
> to type sudo in front of the commands.
I guess k3b is a great program and it asks to 'add users' to allow
burning.
>
> What is the best method with security and user-friendliness in mind?
>
> I mean, I could let my wife work on Linux but to take the example of the
> cdwriting, she would be confused: "hey, on windows i can burn cd's
> straight out of the box and here not, i have to use this sudo thing"
MS windows is 'friendly' to users and virii and cracker alike out of the
box. Us *nix folks like to keep our data a bit safer.
> Off course this example is a bit far fetched since she wouldn't work on
> the command line and use XCDRoast or something similar and thus avoid the
> problems described above.
> But i would still like to know what the best way of working is.
>
> Thanks for any insights,
> Benedict
Cheers,
-Kev
Reply to: