Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.cs.su.oz.au!metro!metro!munnari.OZ.AU!news.ecn.uoknor.edu!news.wildstar.net!news.ececs.uc.edu!cloudbreak.rs.itd.umich.edu!newsxfer3.itd.umich.edu!howland.erols.net!news.mathworks.com!fu-berlin.de!news.belwue.de!news.uni-ulm.de!rz.uni-karlsruhe.de!not-for-mail From: uk1o@rzstud2.rz.uni-karlsruhe.de (Felix Schroeter) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: make a user root Date: 4 Feb 1997 17:42:41 +0100 Organization: University of Karlsruhe, Germany Lines: 30 Message-ID: <5d7ou1$11v@rzstud2.rz.uni-karlsruhe.de> References: <ttt5-2801972101520001@help.schap.rhno.columbia.edu> <5cmgot$fap$1@tabby.kudra.com> <s9n20b44k2i.fsf@suncog13.forwiss.tu-muenchen.de> NNTP-Posting-Host: rzstud2.rz.uni-karlsruhe.de Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:35118 Hello! In article <s9n20b44k2i.fsf@suncog13.forwiss.tu-muenchen.de>, Walter Hafner <hafner@suncog13.forwiss.tu-muenchen.de> wrote: >[... good hints about the least privilege principle ...] >Example: When installing software, always work as ordinary user and 'su' >only for the final installation step! There I contradict. I have my system source under /usr/src (full base system) and local installations under /usr/src/local (if I have BSD style makefiles or makefile wrappers for them) or /usr/src/local.nowrapper (custom makefiles). And by a personal principle, nothing under /usr/src should be non-root writeable. So a system rebuild (or a software addition to local or local.nowrapper) has to run as root not only in the final install step. >[...] >tar zcf /dev/rsd0 * I *like* BSD's secure mode. >[...] >Right! I have very good experiences with sudo! Dito (felix = (all) all works wonder) Regards, Felix.