Why does "root" worn everything?
Doug Gwyn
gwyn at brl-smoke.ARPA
Sat Mar 19 12:31:29 AEST 1988
In article <9926 at steinmetz.steinmetz.UUCP> davidsen at crdos1.UUCP (bill davidsen) writes:
-In article <7454 at brl-smoke.ARPA> gwyn at brl.arpa (Doug Gwyn (VLD/VMB) <gwyn>) writes:
-| software that requires privilege (e.g., "passwd"). Operating as
-| "root" to do routine administrative actions is a stupid policy.
- I hope you say that somewhat casually. I consider backups to be a
-routine administrative action, and don't have the luxury of being able
-to do the daily in single user mode. If not root, then how would you do it?
The way it's done at BRL is that there is an "operator account" (UID
non-zero), and a set-UID 0 interface executable only by the operator
UID that can invoke a limited number of privileged functions,
including backup/restore.
That is the proper way to invoke privileged functions on UNIX.
More information about the Comp.unix.wizards
mailing list