Robert L Martin posted <[EMAIL PROTECTED]>, excerpted below, on Mon, 13 Oct 2003 22:15:28 -0400:
> 3 a trio of SUID ROOT scripts to : a shutdown the system b reboot > Xwindows only (user switch) c do a full system reboot || note on systems > with a Real Live BOFH admin this trio would be yanked || Perhaps this in low security mode, but not above 2, anyway. I don't WANT any rouge program being able to reboot the entire machine w/o having to know the superuser (or at least SOME) password. That's something we have that is and should remain better than Gates as it is, IMO. OTOH, this is yet another good reason to get a sensible sudo setup and some sort of GUI compatible with it.. Allowing a user access to these functions, but with password, IS a good idea, IMO. From there, the local admin (be that a real admin or not) can change it to no password needed directly, or by changing the security level, as desired, but that should NOT be the default, IMO. Linux is superior in this area by the definition of most experienced users in part BECAUSE it emphasizes security over ease of use, and that should not change. Otherwise, why not just run Lindows style, only one physical user account by default, ROOT! -- Duncan - List replies preferred. No HTML msgs. "They that can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." -- Benjamin Franklin
