Mail from ILUG-BOM list (Non-Digest Mode)
On Fri Jul 07, 2000 at 06:40:36PM +0530, Kiran Jonnalagadda wrote:
>
> > > Linux doesn't even have a proper security model!
>
> Just pointing out that the user/group/other security model is too
> simplistic and that too many administrative tasks are handled by just
> one root account.
Being simple is beauty and not a constraint :). Anyway, not going by your words
and capturing what you meant to say, I've found it to be sophisticated enough
to implement all the permission related stuff quite easily.
> Suppose my server is an e-mail server among other things, and I want to
> assign all e-mail related management to another person. How do I do
> this? Among the various things I need to do are:
>
> 1) Give access to the useradd/del/foo commands.
> 2) Give access to sendmail/qmail's configuration files.
> 3) Give access to every user's .forward/.qmail files.
>
> How do I go about doing this?
> sudo helps to a large extent, but has it's limitations. How do I specify
> that the user can run one command on this particular file, but nothing
> else?
Hmmmm. It's interesting. But sudo man page clearly says that you can specify
not only the command name but also the arguments to that command and that too
with shell wild chars. Now, I can easily put this line in sudo (or something
similar) ..
mailadmin ALL=/bin/vi .forward
This line does not let mailadmin edit all the files using vi. Just .forward
owned by anybody.
> Bottomline: Flexible security is possible, but is so painful most
> administrators would rather handle everything themselves or trust the
> sub-admin with more powers than needed.
Matter of opinion. I have never faced this problem. By the way, security is
always painful. Don't you think so?
> Only a simple modification to the permission system is needed to make
> flexible security really easy: make it possible to have multiple groups.
But that is already there. No? Every user has one primary group and can have
multiple secondary group. In fact, this is how CVS system in our company works.
> So a particular file could have it's standard owner and group, and
> another set of permissions for the "mailadmin" group, and no rights for
> anyone else.
What's wrong with adding mailadmin user to the so called standard group of the
file.
> if I understand correctly, this is how Windows NT does permissions.
> Microsoft's implementations are suspect, but you'll have to give it to
> them for good designs.
I don't know how permissions work in NT as I have never worked on it and hence,
I am not qualified to give any complement to Microsoft for some good design.
Having said all this, I do admit that part of what you say have said is right
but I don't really think that it had to come out as an outburst of such strong
feelings.
A kernel provides a very loose framework for security. After that, the onus of
security lies on the model in which applications are written and integrated.
Security is not just access permissions! We'll talk about it in detail (when I have
some time :). Hint: Viruses!
--manas
_______________________________________________
Website: http://www.ilug-bom.org.in/ilug
Linuxers mailing list
[EMAIL PROTECTED]
http://ilug-bom.org.in/mailman/listinfo/linuxers
