Anton, et al -- ...and then Anton Aylward said... % % On 05/12/2019 10:03, David T-G wrote: % > ... % > Meanwhile, putting on my Security Freak hat, I wonder if it's more secure % > to escalate for specific commands as Carlos has or to go ahead and run % > a single find as root and perhaps go where we shouldn't.... % % I look at it this way. % If he can edit the sudoers configuration file to set up all those individual % things then he can log in as root. % GAME OVER as far as security is concerned. % https://www.michaelwlucas.com/nonfiction/sudo-mastery Well, yeah. Agreed. But what if you the trusted root were setting up something for the not-so-trusted power user? Imagining a race condition, for instance, I'd rather call sudo once and have only one needle to try to catch in the process haystack. % % % Me? I'm a dinosaur, I'm in the 'wheel' group. Same :-) since SunOS 4. % https://en.wikipedia.org/wiki/Wheel_(computing) % [now why it was 'big wheel' rather than 'big cheese' is anyone's guess] % https://access.redhat.com/discussions/1392033 *grin* HANN :-D -- David T-G See http://justpickone.org/davidtg/email/ See http://justpickone.org/davidtg/tofu.txt -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org