Pavel Kankovsky writes:
> Damned omnipotent root. I hate unix.
Well, my feeling is that Unix is well designed. It's just the
programs that surround it that are not. First, I'd start with most
programs written at BSD, and throw them out as "a nice try" by some
undergraduates. I've already thrown out the programs *I* wrote as an
undergraduate. I see no particular reason to worship anything in the
BSD. BTW, Linus feels the same way, which is why you have to fsync "."
if you want information to be written into ".".
For example, the standard printing system (lpd/lpr/lpq) runs as root.
Bad idea. No reason for it. Run it under its own userid. That's how
CUPS does it.
That's how everything should be done under Unix -- as its own userid.
Other operating systems have Access Control Lists, which let you split
up permissions in a fine-grained manner. Unix uses userids, group
membership, and file ownership, groups, and permissions to achieve the
same result. If you don't do this because there's "no reason for all
those users", as Weitse Venema told me, then when you get a security
breach in one part of your system, it spreads out over the whole
system.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | "Ask not what your country
521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | do for you..." -Perry M.
