Linked by Thom Holwerda on Tue 28th Feb 2012 23:11 UTC
Linux Linus Torvalds on requiring the root password for mundane tasks. "So here's a plea: if you have anything to do with security in a distro, and think that my kids (replace 'my kids' with 'sales people on the road' if you think your main customers are businesses) need to have the root password to access some wireless network, or to be able to print out a paper, or to change the date-and-time settings, please just kill yourself now. The world will be a better place." Yes, it's harsh (deal with it, Finns don't beat around the bush), but he's completely and utterly right. While there's cases where it makes sense to disable certain settings (public terminals, for instance), it is utterly idiotic that regular home users have to type in their root password for such mundane tasks.
Permalink for comment 508906
To read all comments associated with this story, please click here.
RE: 2 remarks...
by itanic on Wed 29th Feb 2012 09:54 UTC in reply to "2 remarks..."
itanic
Member since:
2008-08-03


there should be 2 levels:
- root: master of the universe
- admin: capable of common tasks that affect all users on a box and yet is not capable to make liefe impossible (if you get my drift)


That's what groups are for. Restrict common admin tasks to members of admin groups. Don't make any accounts members of the wheel/operator/admin/etc. groups unless the people who posses them can be trusted. For kids, salespeople, accountants, etc. a regular account with no privileged group memberships should be good enough. They can su to a different account with admin group membership on the occasions where they do need to do admin tasks.

Reply Parent Score: 4