On Mon, Jul 27, 2015 at 03:13:55PM +0200, Marc Espie wrote: > On Mon, Jul 27, 2015 at 02:40:53PM +0200, Theo Buehler wrote: > > > So omitting [as identity] allows me to run as every user, not just as > > root? Is this intentional? > > I think it's intentional. It's definitely what I would expect [as identity] > is a restrictive modifier. If you want to only be able to run as root, you > write "as root".
Ok thanks, this makes sense, but it is not quite clear (to me) from the docs that this is a "restrictive quantifier". The the bit I quoted from the man page on "as target" sais "The default is root.", not "root and everybody else". (Sorry I should have written "as target", not "as identity" in my mail) > How would you phrase things if it wasn't the case ?.. As indicated above I would probably write something like "as root and every other user" instead of simply "as root".
