Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] on root logins (1)
- Date: Thu, 29 Dec 2005 14:58:26 +0900
- From: Michael Reinsch <mr@example.com>
- Subject: Re: [tlug] on root logins (1)
- References: <ea4e853e0512241908t260aeadbv4115aaf74a358e64@example.com> <43AF5E0E.8060009@example.com> <7e92f16c0512252137x25dd0289w6f42374172e65685@example.com> <43AFAED3.9080809@example.com> <87fyofyhv2.fsf@example.com> <87bqz1wzs9.fsf_-_@example.com> <7e92f16c0512272310vb2c803dncfb7141f38f3921c@example.com> <32a656c20512280425p20687c76td183695fbbe21162@example.com> <1135773703.5260.74.camel@example.com> <32938.221.83.45.6.1135776321.squirrel@example.com> <32a656c20512281224y4cce0990s744eed9ba669e6e1@example.com>
- Organization: ...und überhaupt!?
Hello! On 29.12.2005, 05:24 +0900 Uva Coder wrote: > > How does Plan 9 keep those admin group users from accidentally wiping out > > the system? > > Snapshots of the filesystem are routinely made to a block store called > venti. To correct mistakes use the yesterday command to restore a file > or a filesystem from venti. OK, here you assume that the only mistake that can happen is a mistake that affects the file system, like Micheal Cooper asked. But actually my statement was a bit broader. There are more mistakes you can make which can compromise the security of the system or the user's privacy than simply wipe the system. One advantage of those "wiping the system" type of mistakes is also that they are obvious... not all mistakes are this obvious. So I'm still not convinced that giving an administrator more rights in a general way as you described (adding his user to the sys group *1) is a good idea. In my opinion, an administrator should be required to deliberately switch to a status with more rights (*2) for a certain task, instead of having those rights all the time. *1) BTW: You can also do that in linux: add some user to the root or adm or whatever group and then this user has more rights. *2) Ideally only requesting the minimum set of permissions required for some task. -- Michael Reinsch <mr@example.com> http://mr.uue.org/ ------------------------------------------------------------------------
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
- Follow-Ups:
- Re: [tlug] on root logins (1)
- From: Evan Monroig
- Re: [tlug] on root logins (1)
- From: Josh Glover
- Re: [tlug] on root logins (1)
- From: Uva Coder
- Re: [tlug] on root logins (1)
- References:
- [tlug] Kubuntu v5.10
- From: Lyle H Saxon
- Re: [tlug] Kubuntu v5.10
- From: Robert C Balfour
- Re: [tlug] Kubuntu v5.10
- From: Stoyan Zhekov
- Re: [tlug] Kubuntu v5.10
- From: Robert C Balfour
- Re: [tlug] Kubuntu v5.10
- From: Stephen J. Turnbull
- [tlug] on root logins (1)
- From: Stephen J. Turnbull
- Re: [tlug] on root logins (1)
- From: Stoyan Zhekov
- Re: [tlug] on root logins (1)
- From: Uva Coder
- Re: [tlug] on root logins (1)
- From: Michael Reinsch
- Re: [tlug] on root logins (1)
- From: Micheal E Cooper
- Re: [tlug] on root logins (1)
- From: Uva Coder
- [tlug] Kubuntu v5.10
- Prev by Date: Re: [tlug] running an X program from a daemon script
- Next by Date: Re: [tlug] on root logins (1)
- Previous by thread: Re: [tlug] on root logins (1)
- Next by thread: Re: [tlug] on root logins (1)
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |