Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!zaphod.mps.ohio-state.edu!sol.ctr.columbia.edu!emory!gatech!uflorida!bikini!bb From: bb@reef.cis.ufl.edu (Brian Bartholomew) Newsgroups: comp.sys.next Subject: Re: Don't backup from root ! Message-ID: Date: 4 Jan 91 06:15:16 GMT References: <7u98u2w163w@questor.wimsey.bc.ca> Sender: news@uflorida.cis.ufl.EDU Organization: /cis/lightning0/bb/.organization Lines: 41 In-reply-to: lclarke@questor.wimsey.bc.ca's message of 4 Jan 91 03:02:41 GMT In article <7u98u2w163w@questor.wimsey.bc.ca> lclarke@questor.wimsey.bc.ca (Lawrence Clarke) writes: > ...and mistakenly entered [...] which tried too backup the scsi drive > to the scsi drive, which deleted the filesystem. As you found out, when you are root, the computer does what you tell it to, usually with no questions asked. The assumption is that you know what you are doing, moreso than the computer's programs can guess. In the future, I would suggest a more cautious, programming- style approach. For instance, once you get your backup routine debugged, write the commands into a shell script so that you don't have to remember and type them perfectly each time you want to use them. Just a thought. > Guess what ... Don't backup your hard disk to floppies if your signed > on as user root! > If you create another user with OPERATOR privledge, then this command > will not allow you too over write the filesystem. This is a nonesuch. You are probably thinking of VMS. Under UNIX, there is exactly one level of "privledge", which is called root. Either you have it, and are allowed to do anything, or you don't, and all the access control mechanisms apply. The whole idea of the single privledge is to get away from the morass of special-cases and security holes that result from an overcomplicated security scheme. Trust me, it's better this way. If your NeXT was a PC, Amiga, or Mac, you would always be operating as "root", because there is no access control in these operating systems. Your NeXT is *better* than these machines. Take advantage of the built-in firewalls by only performing operations as root when there is no other reasonable way to do them. -- "Any sufficiently advanced technology is indistinguishable from a rigged demo." ------------------------------------------------------------------------------- Brian Bartholomew UUCP: ...gatech!uflorida!mathlab.math.ufl.edu!bb University of Florida Internet: bb@math.ufl.edu