Michael on Thu, 3 Jun 1999 11:12:44 -0400 (EDT)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [Plug] PPP problems with Debian


>>  My reply to Chris Fearnley's mail was: 
> On Thu, Jun 03, 1999 at 08:33:09AM -0400, Andrew Libby wrote:
> > Consider:
> > 
> > Under redhat, I use sudo for ppp.  I have my unprivliged uid able
> > to execute any command as root, and then I have menu items in 
> > fvwm which basicly run a custom ppp script (shell script) as root. 
> > It has been working well for about a year now.
> 
> That will work just fine.  But it violates the principle of least
> privilege.  Using groups and not running commands as root if at all
> possible is better policy, IMHO.
> 

I'm going to have to disagree here.  sudo is a great way of
delegating root without having 50 suid binaries lying all
over the place.  sudo gracefully  addresses the limitations of the UNIX
permission model .  Of course the unpriv.  uid shouldn't be able
to run *any* command as root, just what is required for ppp.


$0.02,


Michael "Missed the PLUG meeting once again" Jastremski


--
_Michael_Jastremski_mike@westphila.net__	"I am so game it's not even funny..."
_personal_http://westphila.net/mike__          rfountain@steckel.com in   
_Photography_http://images.westphila.net_   <001c01be9701$fd2e8b40$0c64a8c0@
_ICQ_37965092_AIM_rstfinsyn_NIC_mj1432       ron.steckel.com>



_______________________________________________
Plug maillist  -  Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug