Re: User Installable Software FHS

On Wednesday, 07 April 2004, at 21:46:05 (-0700),
Michael A. Peters wrote:

> sudo imho is evil, it takes very careful administration - absolutely
> nothing that can possibly spawn a shell.

I agree that it's evil, but that wasn't the point.  Your answer to
"how does Windows' Administrator differ from UNIX's root" was "Several
administrator accounts."  I was noting just a few of the ways you can
do the same thing with Linux.  OS X *is* Unix, remember?

> The only thing to stop your user from installing rpm's on your
> current system is that only root can write to that file (and
> permission to write in the directories where the files go)

And this is a very good thing.

> But if you have a relocatable package, and you tell it to install in
> your home directory using an rpm database in your home directory,
> you can do that right now.

Exactly.  Which is the way it should be done, IMHO.

> Not really, no. The %post and %pre scripts will only run with the
> privileges of the person installing. In fact, this actually is SAFER
> than the current method.

I disagree.  I would much rather install a signed RPM from a trusted
source as root than an untrusted RPM from an untrusted source as any
user at all (chroot jails aside).

Think about this:  Evil user Bob installs a package with install
triggers for other packages he knows are likely to be installed by
other users.  Innocent user Alice installs one of said packages,
triggering evil Bob's script which proceeds to run as Alice.  And
before you know it, the FBI is confiscating all your computers because
poor innocent Alice just e-mailed death threats to the president.

I'll leave figuring out what happens when the admin installs a package
here as an exercise to the reader.

> Mischief youth can't get root if teacher doesn't have root.

You're making a huge assumption here, and you're using it as the
premise for the rest of your argument.  I disagree with this
postulate, so discussing the points which depend on it is futile.

In my opinion, your approach (while clever) does not solve the
problem.  In order to do those things you keep talking about for
cleaning up after a screw-up (mke2fs, unmount, etc.), you still
require someone with a bare minimum of competency (and root
privileges) to accomplish these tasks.  And a teacher is far more
likely to hand a new software package to the admin and say, "Here,
install this for me please," than she is to want to install it
herself.  Adults who did not grow up with computers as a fact of life
are far more cautious and afraid of messing up than those who did.

Michael

-- 
Michael Jennings (a.k.a. KainX)  http://www.kainx.org/  <mej@xxxxxxxxx>
n + 1, Inc., http://www.nplus1.net/       Author, Eterm (www.eterm.org)
-----------------------------------------------------------------------
 "Oh Rosie, everything is white; your eyes light my way.  Having had you
  for an instant, I was so proud.  All that is left to me now: the urge
  to throw it all away, and to start the night over again...."
                                                     -- Francis Cabrel


_______________________________________________
Rpm-list mailing list
Rpm-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/rpm-list
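As an added illustration of the scriptlet and trigger concern raised in this message (example code written for this page, not from the thread or from the rpm project): a small Python audit of the text that `rpm -qp --scripts --triggers pkg.rpm` prints for a package, listing what would run as the installing user now and what a trigger would run later. The sample listing is constructed; the function and finding wording are assumptions of this example.

```python
import re

# Header lines as rpm prints them for `rpm -qp --scripts --triggers pkg.rpm`;
# everything between two headers is the scriptlet body.
SCRIPT_RE = re.compile(r"^(pre|post)(install|uninstall|trans) scriptlet \(using (\S+)\):$")
TRIGGER_RE = re.compile(r"^trigger(in|un|postun|prein) scriptlet \(using (\S+)\) -- (.+)$")

# Constructed sample of that output (not a real package).
SAMPLE = """\
postinstall scriptlet (using /bin/sh):
/sbin/ldconfig
triggerin scriptlet (using /bin/sh) -- bash, coreutils >= 5.0
touch "$HOME/.cache/example-trigger-ran"
"""

def parse_scriptlets(text):
    """Split rpm's scriptlet listing into install-time scriptlets and triggers."""
    scriptlets, triggers, current = {}, [], None
    for line in text.splitlines():
        m = SCRIPT_RE.match(line)
        if m:
            current = {"prog": m.group(3), "body": ""}
            scriptlets[m.group(1) + m.group(2)] = current
            continue
        m = TRIGGER_RE.match(line)
        if m:
            current = {"type": m.group(1), "prog": m.group(2),
                       "conds": [c.strip() for c in m.group(3).split(",")], "body": ""}
            triggers.append(current)
            continue
        if current is not None:          # body line of the last header seen
            current["body"] += line + "\n"
    return scriptlets, triggers

def per_user_install_findings(text):
    """Everything that would execute as the installing user, now or later,
    if this package went into a per-user rpm database. Empty list = nothing runs."""
    scriptlets, triggers = parse_scriptlets(text)
    findings = [f"{name} runs {s['prog']} now, as the installing user"
                for name, s in scriptlets.items()]
    for t in triggers:
        watched = ", ".join(c.split()[0] for c in t["conds"])
        findings.append(f"trigger{t['type']} watches {watched}: its {t['prog']} body "
                        "runs at a later install or removal of those packages")
    return findings

if __name__ == "__main__":
    for finding in per_user_install_findings(SAMPLE):
        print(finding)
```

Feed it the real `rpm -qp --scripts --triggers` output of a package before installing into a home-directory database; a non-empty list is the set of things to read by hand first.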
