John Plocher <John.Plocher at sun.com> wrote:
> Just as someone invented sheaths for knives, because people
> don't always need to walk around armed to the teeth, the
> "sudo world" doesn't require everyone to walk around with
> a loaded "rm *" command :-)
>
> This proposal, if applied to my home system, would seem to
> effectively make logging in as "plocher" be the same as
> logging in as "root" - and is something I'm not sure I want.
>
> What I do want is to be able, as "plocher", to say "I want
> to explicitly do `foo` now, but not necessarily at any other
> time without additional future confirmation being required".

I believe that the change needs to be well tested for a while to make sure
that it does not miss hard-to-find problems.
If you e.g. (after the change) are expected to call "pfexec rm -rf /*", then
I see the problem that people who use a pf* shell would always work with
user user privileges.
If there is a need to first acquire a role, things look different.
BTW: It was a good practice 20+ years ago already to disallow root logins
except for /dev/console. This changed after ssh came up. It may be a good idea
to implement something similar now (allowing root logins on /dev/console on
specific conditions) to make sure that there is no need to fetch an alternate
boot medium in order to fix certain problems.
Jörg
--
EMail:joerg at schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
js at cs.tu-berlin.de (uni)
schilling at fokus.fraunhofer.de (work) Blog:
http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily