On Fri, Jan 12, 2007 at 09:39:11AM EST, David Jardine wrote: > On Thu, Jan 11, 2007 at 07:25:03PM -0500, cga2000 wrote:
Sorry, I didn't didn't mean to be rude. I was unable to check ML's for most of last week and had so much cleaning up to do that I only saw your reply last night. > > So is mopping up the floors in a timely manner.. Doesn't mean you want > > the janitor to have the keys to the corporate safe. > > > > > .. and it should be delegated only to responsible persons. > > > > hence accountability -- sudo appears do that .. but where's the > > granularity..? > > Sudo can give the janitor the keys to the mop cupboard and to all > the floors that need mopping without letting him have the keys to > the corporate safe. Not entirely. sudo really controls actions rather than access to resources. Although it would appear from the examples in the man page that once you have permitted certain actions you can optionaly define their scope - ie. files or directories. Even as a sudoer, our "janitor" still has access to the "corporate safe" but he may only perform "janitorial tasks" -- dust, mop, .. etc. not read or remove its contents. Or in other words sudo is "action-centric" .. as opposed to the "resource-centric" nature of the privileges embedded in the filesystem. So apart from the fact that having to handle privileges from different (opposite?) angles strikes me as inelegant, I am also sceptical as to its being an efficient solution. > Is that what you mean by "granularity"? What I had in mind was a flexible model where different actors of the system can be provided with the privileges required to perform their duties--no more .. no less. In the sole-user sole-admin context of my laptop I don't see how sudo would really help me all that much. My gut-feeling is that the extra complexity and aggravation as compared with a plain and simple root shell on a separate terminal is more likely to cause me to make stupid mistakes. I'm all the more sceptical about using sudo to build a general solution since if it were possible to set up a linux system with a sysadmin id that has the privileges to perform day-to-day administration (software installs & upgrades .. backups .. user administration.. ) without being root .. well.. some distribution or other .. debian, for instance.. why not.. , would already provide it. I'm not necessarily thinking of a solution that would work 100% out-of-the-box for everybody and all circumstances .. but at least some framework that one could build on .. partly manually but also something that would be updated by apt-get whenever you install a piece of software that requires more than joe-user privileges. Thanks. cga -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
