On Mon, 02 Mar 2009, Manoj Srivastava wrote: > You see, us grad students in the staff group were _not_ supposed to > be root, or be bale to modify the vendor directories (who knows, it > might have violated the universities support contract).
Yeah, but by default, if you have staff access, you can easily gain root access, so there's really no distinction between the two. [In Debian, this could be done by shoving in a special /usr/local/bin/awk to trap cron.daily/standard calling it as root, for example.] > Not that it makes much of a difference in Debian selecting a > default, really. But I can see a use case in a large environment > with subgroups where limited privileges are required -- and the > /usr/local hierarchy, with the support for local overrides in path, > programs like perl and emacs, made such setups easy for overlaying > such privileges on a subset of the machines. The real problem is that by default root's PATH contains /usr/local/sbin and /usr/local/bin, so you have to jump through quite a few extra hoops to make the distinction between root and staff viable in the first place. Don Armstrong -- "People selling drug paraphernalia ... are as much a part of drug trafficking as silencers are a part of criminal homicide." -- John Brown, DEA Chief http://www.donarmstrong.com http://rzlab.ucr.edu -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
