On Wed, 2005-04-06 at 19:24, Chethiya K Ranaweera wrote: > > > Realistically, someone who had to ask that question in the first place > > is not going to be able to configure sudo to the extent needed to > > allow a useful set of operations but prevent unauthorized operations. > > That's probably not even possible - for example you might want an > > operator to be able to change all passwords except for root. > > So, you might as well admit that you have to trust the person doing > > the administration. If you don't, I'd consider webmin as a better > > starting place than sudo. > > > So if this is the case, I would like to pose a question from my > original assumption. What is the purpose of having a GID for root? Root's GID works like any other, only UID=0 is special. > From the above discussion, what I understand is that, even if you > modify /etc/sudoers (say, give a user admin access by adding (ALL) ALL > ), the system is not going to give *ALL* admin access to that user. Yes it does: the user can then do: sudo su - and become root with only his own password. > So > in that case, I truely do not understand of having a UID for root. Setting uid=0 is the only special case. You can do that for other login names but it doesn't make much sense because all logins with uid=0 have equivalent permissions. -- Les Mikesell les@xxxxxxxxxxxxxxxx
