On 06/19/2019 09:56 PM, Bagas Sanjaya wrote:
That is almost as bad as having no security restrictions at all. The
correct thing to do would be to set permissions on the programs to
allow them to be run by group remaja.
What I thought that the correct way is to configure sudoers so that
remaja group can access programs that they absolutely required via sudo
(e.g. mount for mounting USB sticks).
I don't say this often. I would immediately fire the person
responsible for instituting this policy on a "production" system. (It
would be a good policy if the system is intended as an educational
environment to allow the teens to ruin things, and learn from
experience.)
In fact, many television stations have most programs written for teens
(age 13 and older), so sysadmins there configure sudoers which allows
teens to behave like sysadmins themselves (by giving them full
administrator privileges) on their production systems. Also, parental
monitoring and guidance can reduce likehood of teens breaking such
systems. Maybe because teens are largest marketshare for TVs.
Some one mentioned mounting drives, all that and what they need can be
configured. There is no reason to give /sudo/root/ to anyone but the
admin, unless it's a class on system admin. What are you going to do
about it?
--
Jimmy Johnson
Devuan Jessie - KDE 4.14.2 - AMD A8-7600 - EXT4 at sda2
Registered Linux User #380263
