Cindy-Sue Causey <butterflyby...@gmail.com> writes:
> Hi, Martin.. I found these descriptions on the Debian Wiki
> SystemGroups page [0]:
>
> tty: TTY devices are owned by this group. This is used by write and
> wall to enable them to write to other people's TTYs, but it is not
> intended to be used directly.
>
> dialout: Full and direct access to serial ports. Members of this group
> can reconfigure the modem, dial anywhere, etc.
>
> What's on the System Groups wiki page is about as far as I'm versed in
> it. So far, that's been enough *for me*. I, too, have read at least
> once out there that we need to be members of as few groups as possible
> for computer safety reasons.
>
> Cindy :)
Thank you. Interestingly enough, one of the programs I
wrote before retiring was a shell script which later turned in to a perl
program which constantly scanned the log of our dhcp servers for
Oklahoma State University, trolling for Mac addresses of
equipment that had been reported as stolen on campus. It ran on
a FreeBSD unix box which has much the same general feel as Linux
but is philosophically somewhat different so, occasionally, you
run in to shell scripts or other types of programs that will run
perfectly on the box they were developed on but either run
slightly differently or not at all on the other.
When I matched a Mac address against our stolen goods
list, I used wall to mess up the screens of everybody else logged
in to our group unix work station to let them
know that the purloined machine was on our network and to
immediately call campus police, sometimes, a specific detective,
to tell them where the device was being used.
We cought a few thieves that way and had a few false
alarms when systems turned out not to be stolen but their owners
forgot to tell us there was no problem. Wall, in the wrong hands
can be quite a nuisance so that's the sort of power one must be
careful about. In this case, it doesn't really matter since I am
the only user.
By the way, one of the thieves we cought stole somebody's
laptop one day and began using it in his job the very next day.
He was some campus department's IT support person, but not for
long.
Martin WB5AGZ
