Re: theoretical question - can root's username be changed?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2005-12-02 at 13:17 -0600, Mike McCarty wrote:
> Tim wrote:
> > On Fri, 2005-12-02 at 12:44 +0800, John Summerfied wrote:
> > 
> >>A really big flaw in Unix design is the fact one user has the inherent
> >>ability to do everything, the fact that the Unix security model is
> >>built round this.
> > 
> > 
> > A counterpoint to that, in the Windows world, is that you can have too
> > many people able to do things that they shouldn't.  They might think
> > they need to do something special, they might want to do it, they might
> > think they know what they're doing, but they're often wrong.
> 
> The objection is not that there are not enough users who can
> do things, but that there is one super duper user who can
> do EVERYTHING AND ANYTHING. There is no finesse. Either
> all or none. It might be useful to have someone who can
> administer passwords, but not rm /etc/passwd, for example.
> There is not enough resolution.
----
perhaps to some extent this is true but of course, there are other
options to maintaining user accounts in passwd/shadow/group flat files
such as LDAP where a more granular access is not only possible but
likely.

Account management can be controlled via things like sudo or more than
likely via custom perl/cgi or even php driven consoles so the
possibilities are still endless but all require some improvisation. For
example - check out webmin <http://www.webmin.com> where you can get
exceedingly granular with access rights.

Craig


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux