On Wed, Jul 23, 2014 at 08:31:57AM +0000, Stuart Henderson wrote: > I think it may be better to change the group ownership of the device > node instead - I don't see the need for mplayer to have access to the > other privileges that "operator" allows. That's something I have not previously considered, and should have.
My standard "non-root" userid that I create on my systems I have always added to both the wheel and operator groups as a matter of course, since I use the same userid with dump(8). I had not considered that I had been giving every application I run the same access to /dev. :( I'll change my procedures, and remove the group from my standard userid on all my systems. Thank you very much, stu@, for improving my practices.
