[NCLUG] Why not Root?
Chad Perrin
perrin at apotheon.com
Sun Mar 18 13:15:03 MDT 2007
On Sat, Mar 17, 2007 at 07:54:51PM -0600, John L. Bass wrote:
> Bill Thorson <bill at tstorms.com> writes:
> > If you are using the default gnome. There is a "Network Configuration"
> > tool which requests root password and then lists your network devices.
> > When you select one and click 'edit' you see as one of your options
> > "Allow all users to enable and disable the device." This worked for me.
>
> The security aspects of this are very interesting, as providing root
> password for the scripts greatly increases the working set of applications
> and scripts that need to be verified as "trusted". In general this increases
> the risk of a local machine security flaw, by having even more code in the
> "must be trusted" class.
. . . and yet, you can't seem to grasp that it's a bad idea to run
*everything* as root.
--
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
"A script is what you give the actors. A program
is what you give the audience." - Larry Wall
More information about the NCLUG
mailing list