Xref: utzoo comp.unix.aux:1434 comp.unix.ultrix:2269
Path: utzoo!attcan!uunet!snorkelwacker!bloom-beacon!athena.mit.edu!crowston
From: crowston@athena.mit.edu (Kevin Crowston)
Newsgroups: comp.unix.aux,comp.unix.ultrix
Subject: Re: System management and system file protection
Message-ID: <1989Dec3.155055.25662@athena.mit.edu>
Date: 3 Dec 89 15:50:55 GMT
References: <1989Dec2.214424.5719@athena.mit.edu> <5719@umd5.umd.edu>
Sender: root@athena.mit.edu (Wizard A. Root)
Reply-To: crowston@athena.mit.edu (Kevin Crowston)
Organization: Massachusetts Institute of Technology
Lines: 25


I'm sorry I wasn't clearer in my message.  I'm not particularly
concerned about people breaking in to superuser mode; in fact, on
our systems the root password is generally known.  What I want is
to make routine day-to-day operations not need to be root.  
This is mostly personal preference; I think it's overkill to be
able to do anything when in fact you mostly only want to do one
or two things and possibly dangerous when some of the people
doing the things aren't total hackers.  Furthermore, routine use
of super-user mode makes it less likely you stop and think
about what you're doing; after all, you do it all the time, right?

My impression is that Unix system management assumes a manager with 
the root password and a lot of knowledge and caution and a community of
essentially powerless users who ask the manager to do things.
However, as Unix works its way down to personal workstations and
microcomputers, I don't think that model is so applicable.  In 
particular, in our group I trust everyone's intentions and would
prefer to let them do the things they want rather than having to
do them myself; I just wish there were a way to make routine things
easy and more dangerous things hard (or rather, to put up enough
of a barrier that people stop to think about what they're doing and
maybe ask for help).  

Kevin Crowston