On Sunday 19 December 2004 21:54, [EMAIL PROTECTED] wrote: > Thanks, Derek. > > You say: > >[...] you are completely ruining security by trying to give a user > >access to root files. [...] > > So you mean that security level 2, which gives a user access to *read* all > the files > of the '/' dir and its subdirs except for the /root dir, completely ruins > security? > Why then is it the standard security level, > the one suggested by default during the system's installation? > > >You (Rodolfo) may be the administrator, but you should still not give user > >rodolfo special access. > > In fact I don't want to give user rodolfo any special access, > I just want for him a security level 2, > that's what I exactly wrote in my message. > > >As for limiting what user 'alberto' is allowed to see, one way to achieve > > that > > >is remove read permissions for public users to those directories. You can > >create custom rules in drakperm to do that. [...] > > Wouldn't this way the limitations work also for rodolfo, > for whom instead I wish a 'freedom level' n.2? > > Cheers, > Rodolfo >From your sequence of posts I was under the impression that you were trying to give rodolfo group ownership of '/' with read and write permission. That would make rodolfo equivalent to root.
Removing read permission from directories would indeed limit user rodolfo as well as user alberto, but that is where sudoers can help you. sudoers would give rodolfo permission to perform certain commands as if he were root user. Of course the more privileges you give rodolfo the greater the risk if user rodolfo is compromised. derek -- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
