Re: theoretical question - can root's username be changed?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Scot L. Harris wrote:
On Fri, 2005-12-02 at 14:17, Mike McCarty wrote:

Tim wrote:

On Fri, 2005-12-02 at 12:44 +0800, John Summerfied wrote:


A really big flaw in Unix design is the fact one user has the inherent
ability to do everything, the fact that the Unix security model is
built round this.


A counterpoint to that, in the Windows world, is that you can have too
many people able to do things that they shouldn't.  They might think
they need to do something special, they might want to do it, they might
think they know what they're doing, but they're often wrong.

The objection is not that there are not enough users who can
do things, but that there is one super duper user who can
do EVERYTHING AND ANYTHING. There is no finesse. Either
all or none. It might be useful to have someone who can
administer passwords, but not rm /etc/passwd, for example.
There is not enough resolution.


You can configure sudoers to limit a user to specific commands that they
can run as root when needed without allowing that user to do everything
root can.

One cannot configure sudo such that one can "vi /etc/one_special_file"
but not "vi /etc/another_special_file".

Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux