On Wed, 2012-02-29 at 15:34 -0500, Patrick Shanahan wrote:
* Roger Oberholtzer <roger@opq.se> [02-29-12 15:28]:
On Wed, 2012-02-29 at 15:22 -0500, Robert Schweikert wrote:
On 02/29/2012 03:13 PM, jdd wrote:
Le 29/02/2012 20:40, Larry Stotler a écrit :
As many are aware, Linus Torvalds has started a rant about the security policies
what about give sudo rights to his daugther?
That was one of the suggestions in the google+ comments.
sudo has the huge disadvantage that it opens up too much. The app can do anything root can, when perhaps it is a limited thing you want to allow.
No, sudo can only do that which root has allowed exceptions for sudo-user within /etc/sudoers. It can be very specific or widely general. Exceptions *can* be set for controlling the printer, installing software, connecting to wireless/wired access points, ..............
Don't you mean it can only run the specific programs allowed? Then, as root, the allowed program can do whatever it wants. You cannot restrict it to certain things. Perhaps it is my own pet peeve about limiting network broadcasts to root that I am focusing on. That is a single thing I would like a user program to be able to do. I do not want full root access in the application for this. So if some device discovery / configuration tool is provided by an equipment supplier, I do not need to run it as root just so it can do an initial scan of what equipment is available. 99.999% of the task the app will do does not require root access. As the preferred interface for transducers drifts to ethernet, this is becoming a real big hassle. Yours sincerely, Roger Oberholtzer OPQ Systems / Ramböll RST Office: Int +46 10-615 60 20 Mobile: Int +46 70-815 1696 roger.oberholtzer@ramboll.se ________________________________________ Ramböll Sverige AB Krukmakargatan 21 P.O. Box 17009 SE-104 62 Stockholm, Sweden www.rambollrst.se -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org