Hello On Mon, Jan 21, 2002 at 03:35:14PM -0800, Thomas Bushnell, BSG wrote:
[cutted much to answer all below] > > So I end up with a debian specific user with shutdown/reload privileges > > that's created with a random (saved) password at installtime as the best > > solution, or? > > Nope. Probably the user should need to be root (or some other generic > user), but the files that are manipulated to accomplish > shutdown/reload and so forth should all be in /etc. Nope (to your nope, because what you argument does in no way contradict my proposals, and the english wasn't that bad :-)) But to clear things up: I create a Debian specific users with all privileges that my Debian scripts need and then store this user's password in plaintext (necessary) in /etc. That's all I need as mysql now lets me specify config files everywhere so I don't have to give them via command line or similar which show up in "ps". I won't fiddle around with the (mysql)root's password outside of /root because a common admin wouldn't expect that. (All mysql clients default to connect you with your $USER name so root normally is mysql user "root", too). So there really are no problems ( friendly, -christian- -- This doesn't belong to a security mailing list...