Chris, Thanks for the message...
Chris> So what's the "ideal" way to do things? Of course, the ``ideal'' way to do anything really depends on what you want to do. It would help if you could give us some more details about what you are trying to do on the grand scheme of things, so that we could understand what's really necessary and what is not. Usually, there are a specific number of administrators who require privileges to work on the system. They are expected to be knowledgeable and competent staff who will select good passwords and enforce the security of their own accounts. These people will often be given a special group and an entry in the sudoers file to allow them to do what they need to do. Then, there is often another class of users for workstation setups, where there may be less than competent end-users trying to use the system. They are almost guaranteed to never have to run privileged commands if everything is done right. On the other hand, there could be exceptions, and as such, such users may be given very select commands to run for very specific instances. Again, this is just a common case, we need to know more information about your own individual case in order to advise a better way of doing things. -- ((name "Aaron Hsu") (email/xmpp "[EMAIL PROTECTED]") (phone "703-597-7656") (site "http://www.aaronhsu.com")) [demime 1.01d removed an attachment of type application/pgp-signature]