On Sat, Feb 15, 2003 at 01:52:05PM +0200, Buchan Milne wrote: > On Sat, 15 Feb 2003, Murray J. Root wrote: > > > The problem was and is - msec changes things root has changed. That is > > absolutely always wrong. There is no exception. > > Then change security levels. It is good that msec does this, why should > msec not reset permissions on /etc/ to be write-only for root? Would you > want someone to leave /etc/passwd world-writeable by mistake?
Hard to decide. My opinion has always been that if you mess with things you know nothing about you live with the results. From being on #mandrake on irc.freenode.net I've seen that I may be a little too strict - most newbies mess with things they know nothing about and then blame linux that it broke when they did. > > But I cannot accept that msec is at fault, unless someone provides > details. My home desktop and my laptop both run msec 3 and I have never > touched msec. Our servers run msec 4 with some customisation, our work > desktops run (IIRC) msec 4 with one customisation (no user list). Since I "urpme msec" since shortly after it was invented, I do not know if it has matured to a usable state. The kids had to mess with it to make the ONLY DV apps that exist work (buggy or not - they're all there is) for users. That makes it bad. Users should never be hampered in doing ordinary tasks by a security tool. > > Actually, that is my one issue with msec, it may have been addressed > already, but *reduing* permissions/security should not be done IMHO. That is my one issue with it - and I don't know if it has been addressed, either. My interests do not lie in areas where I was willing to spend the time on msec. It failed, it's history. -- Murray J. Root
