Hello, On May 29 14:57 Marcus Meissner wrote (excerpt):
So he does not want to give her full root rights.
In Linus particular case he gives her full hardware access (he gives her the laptop) but at the same time he does not want to give her full root rights? I cannot imagine that Linus expects that out-of-the-box any normal user has the right e.g. to add/modify print queues. I don't think it is possible that the current default borderline between normal user rights and administrator rights can be moved towards more rights for normal users (towards more convenience) and still keep the system secure. I think if a normal user gets particular administrator rights, it basically means in the end that this normal user gets a more or less complicated way to somehow gain full administrator rights. There might be a few exceptional cases or even bugs, but in general I think the current default borderline is intentionally where it is because this is exactly what keeps a system secure. E.g.: Allow a normal user to add/modify print queues means to allow him to eavesdrop on every print job content which means that he is allowed to read root's print jobs which means he may collect sufficient information to somehow get full administrator rights, compare https://bugzilla.novell.com/show_bug.cgi?id=752454#c3 I am not against giving a normal user a particular administrator right but the one who allowes it (usually root) must know that this means he must trust the user who gets the particular administrator right. Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org