[plug] Need help with grip under SuSE 8.1
Richard Meyer
meyerri at au1.ibm.com
Tue Jan 14 14:50:53 WST 2003
----- Forwarded by Richard Meyer/Australia/Contr/IBM on 14/01/2003 02:45 PM
-----
Andrew Furey
<simpware at yahoo.c To: plug at plug.linux.org.au
om> cc:
Subject: Re: [plug] Need help with grip under SuSE 8.1
14/01/2003 02:25
PM
Please respond to
plug
>> Yes, it is. Points to /dev/hdb whose permissions are
>> somewhat "more restrictive" rwx for owner who is
>> root, and nothing for anybody else. Group is disk
>> (IIRC).
>>
>> D'you suggest I update the group permissions and add
>> the users to the group, or just give rwx permissions
>> to world + dog?
>One or the other, I should think. There are security
>concerns with either option, however IMHO the latter
>is safer.
Was thinking you'd been smoking something illegal here, but your next
paragraph explains it well. ;)
>Consider the fact that generally, the hd[a-d] devices
>(ie. your hard disk) are also group-owned by disk, so
>if you add your users to that group, they will be able
>to access (and write to, most likely) your direct
>disk. Not the safest thing to do...
OK, thanks for the well reasoned argument - will do it this way.
>I prefer instead to simply give permissions on that
>device. This is assuming, of course, that you can
>trust everyone who has physical access to your CDROM
>(if they had physical access they could do a lot more
>damage if they wanted).
I should hope not - my insurance company would be unhappy if anybody else
had access.
>Naturally you may not want to do that on a production
>server, but you shouldn't really be using grip on such
>a machine :)
Not even if it's the fastest machine? ;)
Isn't that what being admin is all about? But to set your mind at ease,
it's my own machine, without even access to the net yet - Telstra, get that
exchange converted, please.
>Andrew
More information about the plug
mailing list