Dave Ihnat said: > On Thu, Nov 20, 2003 at 01:08:53PM -0800, Richard Crawford wrote: >> Before I get into this, allow me to add a disclaimer: I don't know >> why this person wants to do this, I have advised them against it, I >> have told them it's a security risk and just general bad practice, but >> they want to do it anyway. > > Do they really want to do this, or do they just want to give the account > owner the rights to do certain things normally restricted to root? And > if they think they want to do this, try to find out the reasoning... I've discovered that the reasoning is that they're installing Arcserve, which requires a higher-level user (?). I expressed surprise that Arcserve didn't handle this itself during the installation process, and asked if he was installing it as root or as a regular user. > A worse-than-usual approach would be to change the user ID in > /etc/passwd to zero (0). But I'd really, REALLY work on getting them to > use sudo. He's convinced that he can place the username in a group to give it root permissions. Sláinte, Richard S. Crawford (AIM: Buffalo2K) http://www.mossroot.com http://www.stonegoose.com/catseyeview Howard Dean for America: http://www.deanforamerica.com "I really didn't realize the librarians were, you know, such a dangerous group. They are subversive. You think they're just sitting there at the desk, all quiet and everything. They're like plotting the revolution, man. I wouldn't mess with them." --Michael Moore -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
