|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [Plug] PPP problems with Debian
|
On Thu, Jun 03, 1999 at 11:03:47AM -0400, Michael wrote:
> >> My reply to Chris Fearnley's mail was:
> > On Thu, Jun 03, 1999 at 08:33:09AM -0400, Andrew Libby wrote:
> > > Consider:
> > >
> > > Under redhat, I use sudo for ppp. I have my unprivliged uid able
> > > to execute any command as root, and then I have menu items in
> > > fvwm which basicly run a custom ppp script (shell script) as root.
> > > It has been working well for about a year now.
> >
> > That will work just fine. But it violates the principle of least
> > privilege. Using groups and not running commands as root if at all
> > possible is better policy, IMHO.
> >
>
> I'm going to have to disagree here. sudo is a great way of
> delegating root without having 50 suid binaries lying all
> over the place. sudo gracefully addresses the limitations of the UNIX
> permission model . Of course the unpriv. uid shouldn't be able
> to run *any* command as root, just what is required for ppp.
>
>
> $0.02,
>
>
I was sitting here thinking of a good response, but Mike, you
took care of it for me.
I have to admit, in the comfort of my own home, sudo is used
quite promiscuously. When used on a multi user system, however,
it can be configured is more granularity then I'd ever want to imagine.
Thanks Mike
Andy
_______________________________________________
Plug maillist - Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug
|
|