l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
August 5: Social gathering
Next Installfest:
TBD
Latest News:
Jul. 4: July, August and September: Security, Photography and Programming for Kids
Page last updated:
2003 Nov 22 18:53

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] User with root privileges
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] User with root privileges



On Fri, Nov 21, 2003 at 09:47:23AM -0800, Peter Jay Salzman wrote:
> On Fri 21 Nov 03,  9:15 AM, David Margolis <margolid@ecs.csus.edu> said:
> > On Thu, 20 Nov 2003, Peter Jay Salzman wrote:
> > 
> > > >
> > > >    On my SuSE box, I can make any user a member of the group "root" and they
> > > >    will have full privileges.
> > >
> > > that's not quite accurate.  UID != GID.
> > >
> > > pete
> > 
> > 
> > Yeah, but that's still not a bad idea.  If files owned by root are also
> > owned by the group root, then adding joeuser to the group root would have
> > largely the desired effect (without messing with sudo or the root user
> > itself).
>  
> i agree with you.  it's not a bad idea.  it's a TERRIBLE idea.
> 
> first, it'll only "work" the way you claim it will if umask is set up in
> a very special way.  the "u" and "g" permissions are not the same thing.
> there are lots of files owned by root that should NOT be in the root
> group.   and if you don't believe me, look in your /dev and /var
> directories.  it's asking for trouble.
> 
> 
> but never mind that.  let's talk about something else.
> 
> so we have a guy who presumably owns a solaris box.  he wants to install
> something.  i forget what it was.  oracle?  anyway.  he wants to do it
> from an account named "joeschmo", rather than "root".
> 
> do you really not see anything wrong with that?
> 
> the only person who should be doing that is a hacker.

Or an oracle DBA/sysadmin... oracle is not installed as root, although
there are 2-3 parts that require you to run a script as root to do
somethings. 
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!