On Sat 22 Nov 03, 4:32 PM, Michael J Wenk <[EMAIL PROTECTED]> said: > On Fri, Nov 21, 2003 at 09:47:23AM -0800, Peter Jay Salzman wrote: > > On Fri 21 Nov 03, 9:15 AM, David Margolis <[EMAIL PROTECTED]> said: > > > On Thu, 20 Nov 2003, Peter Jay Salzman wrote: > > > > > > > > > > > > > On my SuSE box, I can make any user a member of the group "root" and they > > > > > will have full privileges. > > > > > > > > that's not quite accurate. UID != GID. > > > > > > > > pete > > > > > > > > > Yeah, but that's still not a bad idea. If files owned by root are also > > > owned by the group root, then adding joeuser to the group root would have > > > largely the desired effect (without messing with sudo or the root user > > > itself). > > > > i agree with you. it's not a bad idea. it's a TERRIBLE idea. > > > > first, it'll only "work" the way you claim it will if umask is set up in > > a very special way. the "u" and "g" permissions are not the same thing. > > there are lots of files owned by root that should NOT be in the root > > group. and if you don't believe me, look in your /dev and /var > > directories. it's asking for trouble. > > > > > > but never mind that. let's talk about something else. > > > > so we have a guy who presumably owns a solaris box. he wants to install > > something. i forget what it was. oracle? anyway. he wants to do it > > from an account named "joeschmo", rather than "root". > > > > do you really not see anything wrong with that? > > > > the only person who should be doing that is a hacker. > > Or an oracle DBA/sysadmin... oracle is not installed as root, although > there are 2-3 parts that require you to run a script as root to do > somethings.
and you would change a user's UID or GID to do this? you ain't administrating any machine that i own, that's for sure! ;) pete -- "Nobody steals our chicks. And lives." -- Duke Nukem (played on Linux) GPG Instructions: http://www.dirac.org/linux/gpg GPG Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech