Torvalds:requiring root password for mundane things is moronic
Mark Bidewell
mbidewel at gmail.com
Wed Feb 29 12:46:02 UTC 2012
On Wed, Feb 29, 2012 at 7:36 AM, Emanuel Rietveld <codehotter at gmail.com>wrote:
> On 02/29/2012 01:15 PM, drago01 wrote:
>
>> On Wed, Feb 29, 2012 at 1:02 PM, Neal Becker<ndbecker2 at gmail.com> wrote:
>>
>>> I think he's got a point
>>>
>>> http://www.osnews.com/story/**25659/Torvalds_requiring_root_**
>>> password_for_mundane_things_**is_quot_moronic_quot_<http://www.osnews.com/story/25659/Torvalds_requiring_root_password_for_mundane_things_is_quot_moronic_quot_>
>>>
>>
>> Yeah but last time we tried this in fedora it got "flamefested" so we
>> had to revert.
>>
>
> Perhaps a solution is adding a group with the needed permissions and make
> it really easy to add an account to that group.
>
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.**org/mailman/listinfo/devel<https://admin.fedoraproject.org/mailman/listinfo/devel>
>
+1 to this. Many tasks should not require full root permissions to
execute. Having a set of groups centered around tasks (install printers,
install software, etc.) would definitely make this simpler. This method
would also be arguably be more secure than sudo as processes don't run with
root permission therefore root privileged cannot be gained by exploiting a
program. Another situation where having a group based security would be
nice is access to privileged ports. Try running JBoss as a non-root user
on port 80.
--
Mark Bidewell
http://www.linkedin.com/in/markbidewell
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20120229/2cfa9f31/attachment.html>
More information about the devel
mailing list