Path: utzoo!mnetor!uunet!husc6!hao!boulder!sunybcs!kensmith
From: kensmith@sunybcs.uucp (Ken Smith)
Newsgroups: comp.unix.wizards
Subject: Re: Why does "root" worn everything?
Message-ID: <9318@sunybcs.UUCP>
Date: 15 Mar 88 14:10:53 GMT
References: <5209@uwmcsd1.UUCP> <9269@sunybcs.UUCP> <7454@brl-smoke.ARPA> <9926@steinmetz.steinmetz.UUCP>
Sender: nobody@sunybcs.UUCP
Reply-To: kensmith@sunybcs.UUCP (Ken Smith)
Distribution: na
Organization: SUNY/Buffalo Computer Science
Lines: 23

In article <9926@steinmetz.steinmetz.UUCP> davidsen@crdos1.UUCP (bill davidsen) writes:
>
>  I hope you say that somewhat casually. I consider backups to be a
>routine administrative action, and don't have the luxury of being able
>to do the daily in single user mode. If not root, then how would you do it?

All that's needed for being able to dump is permission to read the device
you're trying to dump.  Group privileges for an 'operator' account are a
convenient way of handling it.  Be sure they also have write permission
on /etc/dumpdates.  It's too bad rdump uses a privileged socket, it'd be
nice to be able to remote dump workstations from a non-root account.  At
least there is a way to set it up so you don't have to make root on the
workstation equivalent to root on the system you're dumping to...

For you security minded people check the permissions of your disks in /dev,
we found them world readable at one point on a couple of our systems.  I
have no idea how they got that way, the list of past and present system
administrators here is long...

						Ken Smith

internet: kensmith@cs.buffalo.edu	bitnet:	kensmith@sunybcs.BITNET
uucp:	  ..!{ames,boulder,decvax,rutgers}!sunybcs!kensmith