|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [Plug] PPP problems with Debian
|
>> My reply to Chris Fearnley's mail was:
> On Thu, Jun 03, 1999 at 08:33:09AM -0400, Andrew Libby wrote:
> > Consider:
> >
> > Under redhat, I use sudo for ppp. I have my unprivliged uid able
> > to execute any command as root, and then I have menu items in
> > fvwm which basicly run a custom ppp script (shell script) as root.
> > It has been working well for about a year now.
>
> That will work just fine. But it violates the principle of least
> privilege. Using groups and not running commands as root if at all
> possible is better policy, IMHO.
>
I'm going to have to disagree here. sudo is a great way of
delegating root without having 50 suid binaries lying all
over the place. sudo gracefully addresses the limitations of the UNIX
permission model . Of course the unpriv. uid shouldn't be able
to run *any* command as root, just what is required for ppp.
$0.02,
Michael "Missed the PLUG meeting once again" Jastremski
--
_Michael_Jastremski_mike@westphila.net__ "I am so game it's not even funny..."
_personal_http://westphila.net/mike__ rfountain@steckel.com in
_Photography_http://images.westphila.net_ <001c01be9701$fd2e8b40$0c64a8c0@
_ICQ_37965092_AIM_rstfinsyn_NIC_mj1432 ron.steckel.com>
_______________________________________________
Plug maillist - Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug
|
|