[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SEUL: Target user for SEUL
On Thu, 22 Jan 1998, Nick Mathewson wrote:
> > Is it practical to have some kind of daemon that senses when
> >the user doesn't have the privilages needed, and automatically runs su,
> >with a suitable warning? This may be virtually impossible, I'm just
> >asking.
>
> A daemon might be a bad idea, IMO. I honestly don't think it's beyond
> the abilities of the average user to learn that some functions require
> superuser priveleges.
Wait! Hold on! Even Windows NT has the concept of "Administrator". There
are certain things that only the person with the adminstrator password can
do such as setting user rights, etc.
We can add an Administrator user with a UID 0, GID 1 to the SEUL distro
passwd file. The concept of only one person being allowed to do things
like install system-wide software and setting permissions for things is
not beyond the skills of many Windows users. Anyone migrating from
Netware is also familliar with the concept.
> I do think, however, that we shouldn't grant root access automatically
> whenever needed, because doing so would be, for all practical purposes,
> just as bad as having the user run as root.
There is sudo. You can configure it to allow certain users to execute
certain commands as root. It is configurable.
George Bonser
If NT is the answer, you didn't understand the question. (NOTE: Stolen sig)
http://www.debian.org
Debian/GNU Linux ... the maintainable operating system.