On Mon, Jul 11, 2011 at 08:29:11AM +0100, David Laight wrote:
>
> One problem is that, historically, unix privileges have always been
> based on a sledgehammer approach - if you don't want everybody to
> be able to do something then only root can do it.
>
That can and has been fixed in other Unix operating systems. The problem is that a lot of people simply cannot see the use of such a facility, not because they are dumb, just that they have not encountered a situation which could not be addressed with the normal unix permissions or, perhaps, sudo.

Some things that have been problematic for me in the past with the unix security model that I have been able to solve using finer grain permissions are:

1) permitting an ordinary user to run apache on port 80, allowing them to perform restarts and kill misbehaving daemons without requiring root access.

2) permitting an ordinary user to run an ldap server on port 389.

Using the setuid daemon dance makes things awkward when it comes to trying to kill things off. Using sudo can be a pain because someone has to be around to type the password, which means you cannot schedule restarts/kills as an unprivileged user.

Other things it would be useful for would be winding back the number of setuid utilities on the system - ping could be permitted to open a raw network interface; at the moment it has to be setuid to do this.

--
Brett Lymn
