Regarding this topic I have a dream: the hyerarchical permission architecture of OS/400 (and many other IBM OSs for mainframe) ported to Linux. Just imagine this: you have a omnipotent "root" who can access the machine from the console only, a whole set of powerful, configurable administrators who can act from the net, each of them devoted to administer a specific part of the OS or of the File System, and finally a crowd of simple users, with configurable permissions. Nobody would have more power of what it actually need for his job, not even the root.
Great, then all of my linux users, thanks to the administrators in their physical presence, would get an account with SECADM privileges.
(rimshot)
---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster
