[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Root privilege (SOLVED)



On Fri, Jan 12, 2007 at 09:39:11AM EST, David Jardine wrote:
> On Thu, Jan 11, 2007 at 07:25:03PM -0500, cga2000 wrote:

Sorry, I didn't didn't mean to be rude.  I was unable to check ML's for
most of last week and had so much cleaning up to do that I only saw your
reply last night.

> > So is mopping up the floors in a timely manner..  Doesn't mean you want
> > the janitor to have the keys to the corporate safe.
> > 
> > > .. and it should be delegated only to responsible persons.
> > 
> > hence accountability -- sudo appears do that .. but where's the
> > granularity..?
> 
> Sudo can give the janitor the keys to the mop cupboard and to all 
> the floors that need mopping without letting him have the keys to 
> the corporate safe.  

Not entirely. sudo really controls actions rather than access to
resources.  Although it would appear from the examples in the man page
that once you have permitted certain actions you can optionaly define
their scope - ie. files or directories.

Even as a sudoer, our "janitor" still has access to the "corporate safe"
but he may only perform "janitorial tasks" -- dust, mop, .. etc. not
read or remove its contents.

Or in other words sudo is "action-centric" .. as opposed to the
"resource-centric" nature of the privileges embedded in the filesystem.

So apart from the fact that having to handle privileges from different
(opposite?) angles strikes me as inelegant, I am also sceptical as to
its being an efficient solution.

> Is that what you mean by "granularity"?

What I had in mind was a flexible model where different actors of the
system can be provided with the privileges required to perform their
duties--no more .. no less.

In the sole-user sole-admin context of my laptop I don't see how sudo
would really help me all that much.  My gut-feeling is that the extra
complexity and aggravation as compared with a plain and simple root
shell on a separate terminal is more likely to cause me to make stupid
mistakes.

I'm all the more sceptical about using sudo to build a general solution
since if it were possible to set up a linux system with a sysadmin id
that has the privileges to perform day-to-day administration (software
installs & upgrades .. backups .. user administration.. ) without being
root ..  well..  some distribution or other .. debian, for instance..
why not.. , would already provide it.  I'm not necessarily thinking of a
solution that would work 100% out-of-the-box for everybody and all
circumstances ..  but at least some framework that one could build on ..
partly manually but also something that would be updated by apt-get
whenever you install a piece of software that requires more than
joe-user privileges.

Thanks.

cga





Reply to: