On Thu, Jan 11, 2007 at 03:15:51PM -0500, cga2000 wrote:
>
> > That's one of the things I like about Linux. It encourages good
> > security practices by not making it too difficult to do privileged
> > tasks from within a user account.
>
> yes .. but what I'm really not too comfortable with is mostly the
> non-granularity of privileges .. I'll have to play with groups a bit
> and see if this might provide better solutions. Also do some googling
> and look for those who went down that road before me .. see if they came
> up with useful conclusions.
>
What sorts of things do you find you need root for? I use root (e.g.
su - ) for these things only:
install packages with aptitude:
aptitude has the option of being run by a user then
prompt for the root password when needed but then the
user's extended package attributes are stored separatly
than if root (or another user) runs it. Until that
problem is solved, I'll stick with running it as root.
Edit config files:
after both, run samhain -t update
run my backup script since I end up tar.bz2ing stuff that I as a
regular user can't read.
Do anything with disks and partitions (check smart drive status,
alter the LVM setup).
Everything else I do as myself. I wouldn't want anyone other than root
doing any of that.
Doug.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
