On 2011-12-20 12:19 PM, Nikos Chantziaras <rea...@arcor.de> wrote:
If you allow someone to edit root owned files, you're practically giving
him root access.
Well, yeah, but only on those defined files...
I'm not worried about them messing up stuff in /var/www/*, but I am
worried about them messing up stuff in /etc
So the fact that he doesn't know the root password is totally
irrelevant; he doesn't even need the password anymore to gain root
access since he already has that access.
But he only has root access in explicitly defined, non-system, non
critical directories...
So you might want to rethink the way you want to allow him to edit those
files.
I *want* him to be able to do whatever he wants in /var/www (and a few
other non critical directories)...
