[geeks] root equivalent user
Greg A. Woods
woods at weird.com
Thu Oct 24 14:03:21 CDT 2002
[[ I'll leave your lame ad hominem attack attempts alone -- for now ]]
[ On Thursday, October 24, 2002 at 12:27:22 (-0500), Mike Hebel wrote: ]
> Subject: Re: [geeks] root equivalent user
>
> Correct me if I'm wrong but when a user needs root access doesn't that
> mean that _THEY_ are the physical security issue?
That just doesn't make sense, nor does it seem to fit in any way with
the orginal question here.
> You've wasted three
> days of this back and forth stuff shooting down everyone's ideas on
> whether or not to basically make another user root.
No, I don't think so -- I've been trying to help people avoid the
pitfalls of trying to _not_ give another user full root privileges.
> The problem is not
> one of limited access it's one of judgement and trust.
Of course. That's why the solution is _NOT_ one of making really stupid
hacks to the system (including in most circumstances, installing sudo).
> As for
> installing software - if they're not trustworthy enough for full root
> why in the hell are they installing software for everybody anyway?
That's a damn good question. That's the point I've been trying to get
across here.
Implied in my original answer was the suggestion that the person in
question had to be trusted with full root access regardless.
--
Greg A. Woods
+1 416 218-0098; <g.a.woods at ieee.org>; <woods at robohack.ca>
Planix, Inc. <woods at planix.com>; VE3TCP; Secrets of the Weird <woods at weird.com>
More information about the geeks
mailing list