Xref: utzoo comp.unix.aux:1440 comp.unix.ultrix:2276
Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!rice!husc6!bunny!krs0
From: krs0@GTE.COM (Rod Stephens)
Newsgroups: comp.unix.aux,comp.unix.ultrix
Subject: Re: System management and system file protection
Message-ID: <7869@bunny.GTE.COM>
Date: 4 Dec 89 12:28:55 GMT
References: <1989Dec2.214424.5719@athena.mit.edu> <5719@umd5.umd.edu>
Reply-To: krs0@bunny.gte.com.UUCP (Rod Stephens)
Followup-To: comp.unix.aux
Organization: GTE Laboratories, Waltham, MA
Lines: 21

In article <5719@umd5.umd.edu> steveg@umd5.umd.edu (Steve Green) writes:
>In article <1989Dec2.214424.5719@athena.mit.edu> crowston@athena.mit.edu (Kevin Crowston) writes:
>< all kinds of stuff deleted >
>>
>>What I've thought about doing is creating a group, like operator, and
>>giving that group read/write permissions on files like /etc/passwd,
< lots deleted >

>Anyone who has write permission on /etc/passwd might as well be given the root
>password.  Also, anyone that is doing work on a machine should not be in a mode
< lots more deleted >

While it is true that anyone with write permission on /etc/passwd can
break the system wide open, I think the idea is to protect the person
from accidentally doing something stupid. I must confess that I once
forgot that I was logged on as root and blew away about half of my
operating system.
-- 
Rod Stephens
GTE Laboratories, Inc
(617)466-4182